Research On DDoS Attack Defense Technology Based On NFV In SDN

As an emerging network architecture,Software Defined Networking(SDN)has the advantages of centralized control,high utilization,programmability.SDN provides flexible and diverse network connections and services for future networks,and has broad application prospects in the fields of Internet of Things and cloud computing.But SDN brings many security challenges.As one of the most worthy security issues,DDoS attacks continue to exhaust the resources of key equipment on the SDN network,causing the SDN network to fail to provide normal services or even collapse.In recent years,Network Function Virtualization(NFV)technology has provided new ideas for solving DDoS attack problems in SDN.With the advantages of efficient resource management capabilities and flexible dynamic deployment,NFV was used to improve the security of the SDN environment.This paper aims at the problem of DDoS attacks in the SDN network environment.Based on the purpose of detecting attacks,tracing attacks and mitigating attacks in the defense of DDoS attack methods,this paper conducts research on DDoS attack defense methods by combining NFV technology.The main research work includes:(1)DDoS attack detection method based on reinforcement learning-random forest algorithm.For the problems of controller load and detection accuracy in DDoS attack detection methods in SDN network,this paper designs a network architecture of software-defined network functions virtualization(SDNFV),and proposes a DDoS attack detection method based on reinforcement learning-random forest algorithm.The DDoS attack detection method is used to improve the detection accuracy and reduce the load of the controller,which improves the overall security of the SDN network.The performance of the scheme is verified through simulation experiments,which show that the scheme performs better in terms of attack response time,CPU utilization and detection accuracy.(2)DDoS attack source tracing method based on classification strategy.For the problems of the traceability efficiency and traceability response time of the DDoS attack traceability method in the SDN environment,based on the SDNFV architecture proposed in this paper,this paper proposes a classification strategy based on the DDoS attack detection results.After the classification,the position in a dangerous state takes a path backtracking based on conditional entropy,and deploys monitoring nodes for the position in a suspicious state.The performance of the scheme is verified through simulation experiments,which shows that the scheme performs better in terms of traceability time and CPU utilization.(3)DDoS attack mitigation method based on prisoner's dilemma game.For the problems of scalability and resource utilization of DDoS attack mitigation methods in the SDN environment,this paper designs a multi-controller collaboration system,and completes the mitigation of DDoS attacks based on the collaboration of members within the collaboration system.Aiming at the problem that the members of the above system adopt "selfish behavior" and "malicious behavior" in the process of collaboration,this paper introduces the prisoner's dilemma game technology and proposes a repeated prisoner's dilemma game model with added incentives and distinct incentive mechanisms.Based on the game results,this paper proposes a resource allocation mechanism based on social reputation value,thereby improving the collaboration of the collaboration system.The performance of the scheme was verified through simulation experiments,which showed that the scheme performed better in terms of packet loss rate,reputation value and resource allocation.