The detection of DDoS attacks is an important topic in the field of network security. The occurrence of software defined network (SDN) (Zhang et al., 2018) brings up some novel methods to this topic in which some deep learning algorithm is adopted to model the attack behavior based on collecting from the SDN controller. However, the existing methods such as neural network algorithm are not practical enough to be applied. In this paper, the SDN environment by mininet and floodlight (Ning et al., 2014) simulation platform is constructed, 6-tuple characteristic values of the switch flow table is extracted, and then DDoS attack model is built by combining the SVM classification algorithms. The experiments show that average accuracy rate of our method is 95.24% with a small amount of flow collecting. Our work is of good value for the detection of DDoS attack in SDN.
In data center networks, MultiPath TCP (MPTCP) obtains both higher network utilization and fairer allocation of capacity by exploring multiple paths simultaneously. However, MPTCP experiences more queue oscillation in switch buffer with the increasing of the number of subflows. When using explicit congestion notification as the congestion indication to track the queue length in switch buffer, it is difficult for MPTCP to capture the accurate congestion state, resulting in wrong behavior in congestion control. Therefore, we propose an enhanced MPTCP protocol, namely, advanced MPTCP (AMP), which adjusts the time granularity of the congestion detection and control under a different number of subflows. The test results show that compared with Linked Increases Algorithm and eXplicit MultiPath, AMP achieves lower latency for small flows and higher throughput for large flows. INDEX TERMS Data center networks, explicit congestion notification, MultiPath TCP.
Different from the traditional wired network, the fundamental cause of transmission congestion in wireless ad hoc networks is medium contention. How to utilize the congestion state from the MAC (Media Access Control) layer to adjust the transmission rate is core work for transport protocol design. However, recent works have shown that the existing cross-layer congestion detection solutions are too complex to be deployed or not able to characterize the congestion accurately. We first propose a new congestion metric called frame transmission efficiency (i.e., the ratio of successful transmission delay to the frame service delay), which describes the medium contention in a fast and accurate manner. We further present the design and implementation of RECN (ECN and the ratio of successful transmission delay to the frame service delay in the MAC layer, namely, the frame transmission efficiency), a general supporting scheme that adjusts the transport sending rate through a standard ECN (Explicit Congestion Notification) signaling method. Our method can be deployed on commodity switches with small firmware updates, while making no modification on end hosts. We integrate RECN transparently (i.e., without modification) with TCP on NS2 simulation. The experimental results show that RECN remarkably improves network goodput across multiple concurrent TCP flows.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.