DoS Mitigation Mechanism Based on Non-cooperative Repeated Game for SDN

机译：基于非合作重复游戏的DOS缓解机制SDN

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Software defined network (SDN) can manage the whole network flexibly because of its programmability and logically centralized architecture. However, the centralized architecture of SDN makes it more vulnerable to Denial of Service (DoS) attack which is launched by sending a large number of malicious packet_in packets to consume the resources of the controller and data planes. In order to protect the normal operation of the network from DoS, we propose an effective DoS mitigation framework based on non-cooperative repeated game called PrioGuard. DoS can be detected based on the information entropy, packet_in rate and packet_in response rate. Furthermore, the penalty-incentive mechanism of repeated game is adopted to punish these attackers by lowering their priority in order to postpone their requests. The requests from attackers will be migrated to data plane cache, which can mitigate the interface cache of control plane and make the controller process the normal requests effectively. We have implemented a prototype system of PrioGuard. Simulation evaluations demonstrate that our scheme is very effective with less response time, less packet loss rate and lower controller load.

机译：软件定义的网络（SDN）可以灵活地管理整个网络，因为其可编程性和逻辑集中式架构。但是，SDN的集中式架构使得拒绝服务（DOS）攻击更容易受到通过发送大量恶意Packet_in数据包来消耗控制器和数据平面的资源来启动的服务（DOS）攻击。为了保护来自DOS网络的正常运行，我们提出了一种基于名为Prioguard的非合作重复游戏的有效的DOS缓解框架。可以基于信息熵，Packet_in速率和Packet_in响应速率来检测DOS。此外，通过降低其优先级以推迟他们的要求，通过了重复游戏的惩罚机制来惩罚这些攻击者。攻击者的请求将被迁移到数据平面缓存，这可以减轻控制平面的接口缓存，并使控制器处理正常请求。我们已经实施了一个原型的Prioguard系统。仿真评估表明，我们的方案非常有效，响应时间较少，丢包率较少，控制器负载较低。

著录项

来源
《IEEE International Conference on Parallel and Distributed Systems》|2018年|545-1092p|共8页
会议地点
作者
Guowei Wu; Zhaoxin Li; Lin Yao;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP316.4-53;
关键词
SDN; DoS; Entropy; Game theory;

机译：SDN;DOS;熵;博弈论;

相似文献

外文文献
中文文献
专利

1. Adaptive Self Organizing Maps Inspired SDN-Based DDoS (ASOM-SDN-DDoS) Mitigation Framework [J] . Pillutla Harikrishna, A. Amuthan International Journal of Scientific & Technology Research . 2019,第10期

机译：自适应自组织地图启发了基于SDN的DDoS（ASOM-SDN-DDoS）缓解框架
2. A reputation score policy and Bayesian game theory based incentivized mechanism for DDoS attacks mitigation and cyber defense [J] . Amrita Dahiya, Brij B. Gupta Future generation computer systems . 2021,第Apra期

机译：基于声望的DDOS攻击缓解和网络防守的信誉评分政策和贝叶斯博弈论
3. Neural Network-Based Approach for Detection and Mitigation of DDoS Attacks in SDN Environments [J] . Hannache Oussama, Batouche Mohamed Chaouki International journal of information security and privacy . 2020,第3期

机译：基于神经网络的检测和减轻DDOS攻击中DDOS环境的方法
4. DoS Mitigation Mechanism Based on Non-Cooperative Repeated Game for SDN [C] . Guowei Wu, Zhaoxin Li, Lin Yao IEEE International Conference on Parallel and Distributed Systems . 2018

机译：基于非合作重复博弈的SDN DoS缓解机制
5. Network AIS-Based DDoS Attack Detection in SDN Environments with NS-3 [D] . Jevtic, Stefan G. 2017

机译：具有NS-3的SDN环境中基于网络的基于AIS的DDOS攻击检测
6. Detection and Mitigation of DoS and DDoS Attacks in IoT-Based Stateful SDN: An Experimental Approach [O] . Jesús Galeano-Brajones, Javier Carmona-Murillo, Juan F. Valenzuela-Valdés, 2020

机译：基于物联网的状态SDN中DoS和DDoS攻击的检测和缓解：一种实验方法
7. Detection and Mitigation of DoS and DDoS Attacks in IoT-Based Stateful SDN: An Experimental Approach [O] . Jesús Galeano-Brajones, Javier Carmona-Murillo, Juan F. Valenzuela-Valdés, 2020

机译：基于物联网的DOS和DDOS攻击的检测和缓解，实验方法

DoS Mitigation Mechanism Based on Non-cooperative Repeated Game for SDN

摘要

著录项

相似文献

相关主题

期刊订阅