Research on low-rate DDoS attack of SDN network in cloud environment

Aiming at the problems of low-rate DDoS attack detection accuracy in cloud SDN network and the lack of unified framework for data plane and control plane low-rate DDoS attack detection and defense, a unified framework for low-rate DDoS attack detection was proposed. First of all, the validity of the data plane DDoS attacks in low rate was analyzed, on the basis of combining with low-rate of DDoS attacks in the aspect of communications, frequency characteristics, extract the mean value, maximum value, deviation degree and average deviation, survival time of ten dimensions characteristics of five aspects, to achieve the low-rate of DDoS attack detection based on bayesian networks, issued by the controller after the relevant strategies to block the attack flow. Finally, in OpenStack cloud environment, the detection rate of low-rate DDoS attack reaches 99.3% and the CPU occupation rate is 9.04%. It can effectively detect and defend low-rate DDoS attacks. © 2019, Editorial Board of Journal on Communications. All right reserved.