Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2018-10-11 Cooperative journals: 《计算机应用研究》
Abstract: Aiming at the problem of performance bottleneck and overload in upper layer caused by software-defined network flooding attacks, this paper proposed a software-defined network flooding attack detection method based on distributed SOM and k-means clustering. The DSOM controller at the application layer first sent the existing data set to the switch which had the DSOM extension package integrated and it trained the DSOM mapping on each switch. Then, it consolidated the DSOM mapping within a predetermined time. Finally, the DSOM controller sent the merged DSOM mapping to all OpenFlow switches and used k-means clustering to complete the final classification. Experimental results show that the DSOM scheme can effectively detect abnormal traffic and solve bottleneck problems, which has certain advantages over traditional methods. In addition, the proposed method improves the response speed of the system to attack traffic and at the same time it brings less overhead to the network system.
Hits
YES
Hits
Downloads
Comment