Distributed denial of service (DDoS) is a special form of denial of service attack. In this paper, a DDoS detection model and defense system based on deep learning in a Software-Defined Network (SDN) environment are introduced. The model can learn patterns from sequences of network traffic and trace network attack activities in a historical manner. By using the defense system based on the model, DDoS attack traffic can be effectively cleaned in a Software-Defined Network. The experimental results demonstrate the much better performance of our model compared with conventional machine learning methods. It also reduces the degree of dependence on the environment, simplifies the real-time update of the detection system, and decreases the difficulty of upgrading or changing the detection strategy.
OpenFlow Pipeline Processing defines the behavior of data packets interacting with flow tables; the process of Pipeline Processing is shown in Figure 1B. Pipeline Processing always starts from the first flow table of the entry processing phase. The use of other entry flow tables depends on the matching result of the first flow table. If the packet matches the corresponding flow entry, the instructions set in this flow entry are applied. The packet may be forwarded to other flow tables by the Goto-Table instruction. If the packet does not match any flow entry, and there is no table-miss flow entry, the packet will be dropped.
Distributed denial of service (DDoS) attack is a kind of cooperative attack model, which is more fragile and larger than a general distributed attack. Attackers use many puppet machines they control to simultaneously launch denial of service (DoS) attacks on the target. Ultimately, the system resources or network bandwidth are exhausted or even collapsed. Since the first DDoS attack occurred in 1999 [2], DDoS has become a fatal, widespread, and rapidly evolving threat in the world.
According to a survey from Radware, DDoS is currently the largest threat (50% of respondents in the survey) for organizations [3]. Currently, the main attack vectors include UDP flood, HTTP flood, SYN flood, ICMP, DNS, etc., and pose serious threats to both systems and networks [4]. Since the beginning of the design of the SDN architecture [5], the security of SDN networks has been one of the key research issues. In implementations of the defense architecture for DDoS attacks based on OpenFlow [6], OpenFlow switches are often used to collect network traffic and analyze the feature information of data messages. Finally, the rules are matched against the recorded DDoS attack rule base [7], and the controller is used to complete the task of intrusion response. In addition to completing the flow forwarding task, switches also need to do other tasks such as data protocol analysis and DDoS attack rule base matching. In addition to routine tasks such as maintenance, control, and forwarding, the controller is also required to complete feature collection of data packets of DDoS attacks, intrusion response [8], and other special tasks. A lot of extra tasks of controllers and switches can add burd...
This document defines basic classes of Logical Function Blocks (LFBs) used in Forwarding and Control Element Separation (ForCES). The basic LFB classes are defined according to the ForCES Forwarding Element (FE) model and ForCES protocol specifications; they are scoped to meet requirements of typical router functions and are considered the basic LFB library for ForCES. The library includes the descriptions of the LFBs and the XML definitions.
Status of This Memo
This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6956.
SUMMARY The transport mapping layer (TML) scheduling model in forwarding and control element separation (ForCES) system is important because it not only should be able to process the messages with different priorities but also can solve the fairness and robustness problems in network element level. In this paper, a two‐stage scheduling scheme with strict priority and general processor share scheduling is proposed. In a stochastic network calculus framework and on the basis of moment‐generating functions, bounds on average backlogs and delays of all channels are derived. The performance solving approach presented in this paper is quite general and practical, and the results may be used in other fields easily, without limiting ForCES CE TML. Numerical examples are presented to test the bounds, which show the scheduling scheme is practical and well suited for CE TML requirements. Copyright © 2013 John Wiley & Sons, Ltd.