首页> 外国专利> DDOS ATTACK DETECTION AND MITIGATION METHOD FOR INDUSTRIAL SDN NETWORK

DDOS ATTACK DETECTION AND MITIGATION METHOD FOR INDUSTRIAL SDN NETWORK

机译：工业SDN网络的DDOS攻击检测与缓解方法

页面导航

摘要
著录项
相似文献

摘要

The present invention relates to a DDoS attack detection and mitigation method for an industrial SDN network, and belongs to the field of network security. According to the method, by means of the cooperation between an east-west interface of an SDN controller in an industrial backhaul network and a system manager of an industrial access network, in conjunction with the features of the industrial backhaul network and an industrial access network data packet, a flow entry matching field of an OpenFlow switch is extended, and a flow table 0 is set to be a “flow table dedicated to DDoS attack mitigation” for defending against an attacking data flow in a timely manner. By using the SDN controller of an industrial backhaul network and a DDoS attack detection and mitigation system, an attacking data flow is identified and a DDoS attack source is found, and the policy of mitigating a DDoS attack is implemented by means of scheduling a system manager of the industrial access network. According to the present invention, the normal traffic of an industrial backhaul network and an industrial access network is ensured, and a threat posed by a DDoS attack to the security of an industrial network is overcome.

机译：本发明涉及一种用于工业SDN网络的DDOS攻击检测和缓解方法，属于网络安全领域。根据该方法，通过在工业回程网络和工业接入网络的系统管理器中的SDN控制器的东部地区之间的合作，结合工业回程网络和工业接入网络的特征数据包，扩展了OpenFlow开关的流条目匹配字段，并且将流表0设置为“专用于DDOS攻击缓解的流量表”，以便及时地防御攻击数据流。通过使用工业回程网络的SDN控制器和DDOS攻击检测和缓解系统，识别出攻击数据流程，并且找到了DDOS攻击源，通过调度系统管理器来实现减轻DDOS攻击的策略工业接入网络。根据本发明，确保了工业回程网络和工业接入网络的正常业务，并克服了对工业网络的安全性构成的威胁。

著录项

公开/公告号US2021092153A1

专利类型
公开/公告日2021-03-25

原文格式PDF
申请/专利权人 CHONGQING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS;
展开▼

申请/专利号US201816629964
发明设计人 MIN WEI;TAO YANG;JIUCHAO MAO;QIAOYUE PANG;PING WANG;
展开▼

申请日2018-03-06
分类号H04L29/06;H04L12/801;
国家 US
入库时间 2022-08-24 17:53:56

相似文献

专利
外文文献
中文文献