Curve Decision Fusion-Based Saturation Attack Detection Method in SDN

doi:10.19678/j.issn.1000-3428.0067730

Abstract

Abstract:

Saturation attacks against Software Defined Network (SDN) switches and controllers are major security issues in SDN. When using ensemble learning methods to detect saturation attacks, existing methods typically use simple distance or entropy calculations to fix the evidence. This may lead to information loss, thereby decreasing detection accuracy. To overcome this problem, a novel curve decision fusion-based saturation attack detection method SACOIN is proposed. SACOIN first calculates the degree of confusion in the original probability matrix to fix the inter-multiclassifier evidence. The probability matrix of the binary classifier is then converted into a signal, and the noise is removed. SACOIN extracts the signal features from the reconstructed wavelet to form a decision matrix. Subsequently, the mutual information between the rows of the decision matrix is calculated to fix the original evidence of multiple classifiers. Finally, the Dempster-Shafer (D-S) evidence theory is used to combine the evidence and obtain the final detection result. The experimental results show that when detecting saturation attacks targeting SDN switches and controllers, SACOIN can achieve high accuracy, precision, recall, and F1 value of 92.3%, 93%, 92.1%, and 91.3%, respectively.

Key words: saturation attack, Software Defined Network(SDN), filtering, decision fusion, D-S theory

摘要：

针对软件定义网络(SDN)交换机和控制器的饱和攻击是SDN中的主要安全问题。在使用集成学习方法检测饱和攻击时, 现有方法通常使用距离或熵值等简单的信息计算方法修正证据, 可能存在信息丢失问题, 降低饱和攻击检测精度。为解决上述问题, 提出一种基于曲线决策融合的饱和攻击检测方法(SACOIN)。SACOIN首先计算多分类器概率矩阵的混乱程度修正多分类器内证据; 随后将多分类器概率矩阵转换为曲线并去除噪声, 提取重构小波的信号特征组成特征矩阵; 然后计算特征矩阵行内互信息, 基于上述互信息修正多分类器间证据; 最后使用D-S证据理论融合修正证据, 得到最终检测结果。实验结果表明, SACOIN在检测针对SDN交换机和控制器的饱和攻击时的准确率、精确率、召回率、F1值分别为92.3%、93%、92.1%、91.3%。

关键词: 饱和攻击, 软件定义网络, 滤波, 决策融合, D-S理论

Yunhe CUI, Jianpeng ZHAO, Hongzhen YANG, Xianchao LI. Curve Decision Fusion-Based Saturation Attack Detection Method in SDN[J]. Computer Engineering, 2024, 50(8): 123-132.

崔允贺, 赵建朋, 杨鸿珍, 李显超. 基于曲线决策融合的SDN饱和攻击检测方法[J]. 计算机工程, 2024, 50(8): 123-132.

/ Recommend / Download Citations

URL: https://www.ecice06.com/EN/10.19678/j.issn.1000-3428.0067730

https://www.ecice06.com/EN/Y2024/V50/I8/123

Figures/Tables 9

Fig.1 Architecture of SACOIN

Fig.2 Comparison results of confusion matrix using different methods

Fig.3 Comparison of ROC curves of different methods

Fig.4 Comparison of CPU usage rates

Fig.5 Comparison of memory usage rates

References 26

1	YAN Q, YU F R, GONG Q X, et al. Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: a survey, some research issues, and challenges. IEEE Communications Surveys & Tutorials, 2016, 18(1): 602- 622.
2	POUTIEVSKI L, MASHAYEKHI O, ONG J, et al. Jupiter evolving: transforming google's datacenter network via optical circuit switches and software-defined networking[C]//Proceedings of the ACM SIGCOMM 2022 Conference. New York, USA: ACM Press, 2022: 66-85.
3	SELLAMI B, HAKIRI A, BEN YAHIA S, et al. Energy-aware task scheduling and offloading using deep reinforcement learning in SDN-enabled IoT network. Computer Networks, 2022, 210, 108957. doi: 10.1016/j.comnet.2022.108957
4	CUI Y H, QIAN Q, GUO C, et al. Towards DDoS detection mechanisms in software-defined networking. Journal of Network and Computer Applications, 2021, 190, 103156. doi: 10.1016/j.jnca.2021.103156
5	陈何雄, 罗宇薇, 韦云凯, 等. 基于联邦学习的SDN异常流量协同检测技术. 计算机工程, 2023, 49(3): 168- 176. URL
	CHEN H X, LUO Y W, WEI Y K, et al. Collaborative detection technology of SDN abnormal traffic based on federated learning. Computer Engineering, 2023, 49(3): 168- 176. URL
6	DEB R, ROY S. A comprehensive survey of vulnerability and information security in SDN. Computer Networks, 2022, 206, 108802. doi: 10.1016/j.comnet.2022.108802
7	CAO J H, XU M W, LI Q, et al. The LOFT attack: overflowing SDN flow tables at a low rate. IEEE/ACM Transactions on Networking, 2023, 3(31): 1416- 1431.
8	YU M L, HE T, MCDANIEL P, et al. Flow table security in SDN: adversarial reconnaissance and intelligent attacks[C]//Proceedings of the IEEE Conference on Computer Communications. Washington D. C., USA: IEEE Press, 2020: 1519-1528.
9	ZHANG M H, LI G Y, XU L, et al. Control plane reflection attacks and defenses in software-defined networks. IEEE/ACM Transactions on Networking, 2021, 29(2): 623- 636. doi: 10.1109/TNET.2020.3040773
10	WANG Z, WANG R X, GAO J M, et al. Fault recognition using an ensemble classifier based on Dempster–Shafer Theory. Pattern Recognition, 2020, 99, 107079. doi: 10.1016/j.patcog.2019.107079
11	GALAR M, FERNÁNDEZ A, BARRENECHEA E, et al. DRCW-OVO: distance-based relative competence weighting combination for One-vs-One strategy in multi-class problems. Pattern Recognition, 2015, 48(1): 28- 42. doi: 10.1016/j.patcog.2014.07.023
12	HUI K H, LIM M H, LEONG M S, et al. Dempster-Shafer evidence theory for multi-bearing faults diagnosis. Engineering Applications of Artificial Intelligence, 2017, 57, 160- 170. doi: 10.1016/j.engappai.2016.10.017
13	LI Z Y, XING W J, KHAMAISEH S, et al. Detecting saturation attacks based on self-similarity of OpenFlow traffic. IEEE Transactions on Network and Service Management, 2020, 17(1): 607- 621. doi: 10.1109/TNSM.2019.2959268
14	ZHAO X H, WANG Q X, WU Z H, et al. Method for overflow attack defense of SDN network flow table based on stochastic differential equation. Wireless Personal Communications, 2021, 117(4): 3431- 3447. doi: 10.1007/s11277-021-08086-y
15	GUO Y, MIAO F, ZHANG L C, et al. CATH: an effective method for detecting denial-of-service attacks in software defined networks. Science China Information Sciences, 2019, 62(3): 32106. doi: 10.1007/s11432-017-9439-7
16	MUSUMECI F, IONATA V, PAOLUCCI F, et al. Machine-learning-assisted DDoS attack detection with P4 language[C]//Proceedings of the IEEE International Conference on Communications (ICC). Washington D. C., USA: IEEE Press, 2020: 1-6.
17	PHAN T V, NGUYEN T G, DAO N N, et al. DeepGuard: efficient anomaly detection in SDN with fine-grained traffic flow monitoring. IEEE Transactions on Network and Service Management, 2020, 17(3): 1349- 1362. doi: 10.1109/TNSM.2020.3004415
18	RAN L Y, CUI Y H, GUO C, et al. Defending saturation attacks on SDN controller: a confusable instance analysis-based algorithm. Computer Networks, 2022, 213, 109098. doi: 10.1016/j.comnet.2022.109098
19	杨亚红, 王海瑞. 基于Renyi熵和BiGRU算法实现SDN环境下的DDoS攻击检测方法. 计算机科学, 2022, 49(S1): 555- 561. URL
	YANG Y H, WANG H R. Implementation of DDoS attack detection method in SDN environment based on Renyi entropy and BiGRU algorithm. Computer Science, 2022, 49(S1): 555- 561. URL
20	XIAO F Y. Multi-sensor data fusion based on the belief divergence measure of evidences and the belief entropy. Information Fusion, 2019, 46, 23- 32.
21	YUAN K J, XIAO F Y, FEI L G, et al. Modeling sensor reliability in fault diagnosis based on evidence theory. Sensors, 2016, 16(1): 113.
22	LI Y Z, YAO S J, ZHANG R Y, et al. Analyzing host security using D-S evidence theory and multisource information fusion. International Journal of Intelligent Systems, 2021, 36(2): 1053- 1068.
23	HUA Y, SUN Y Y, XU G D, et al. A fault diagnostic method for oil-immersed transformer based on multiple probabilistic output algorithms and improved DS evidence theory. International Journal of Electrical Power and Energy Systems, 2022, 137, 107828.
24	XIE L X, DING Y, YANG H Y, et al. Mitigating LFA through segment rerouting in IoT environment with traceroute flow abnormality detection. Journal of Network and Computer Applications, 2020, 164, 102690.
25	CUI Y H, YAN L S, LI S F, et al. SD-Anti-DDoS: fast and efficient DDoS defense in software-defined networks. Journal of Network and Computer Applications, 2016, 68, 65- 79.
26	PENG J C, CUI Y H, QIAN Q, et al. ADVICE: towards adaptive scheduling for data collection and DDoS detection in SDN. Journal of Information Security and Applications, 2021, 63, 103017.

[1]	ZHANG Yuxin, ZHANG Lei, OU Dongxiu. Hybrid Filtering Method for Multisource Point Cloud Data of Maglev Tracks [J]. Computer Engineering, 2024, 50(9): 54-62.
[2]	LIN Chang, GUO Wei, REN Zhecong, JIN Haibo. Unification Algorithm for Object Tracking and Segmentation Based on Transformer [J]. Computer Engineering, 2024, 50(9): 130-141.
[3]	ZHAO Jida, ZHEN Guoyong, CHU Chengqun. Unmanned Aerial Vehicle Image Target Detection Algorithm Based on YOLOv8 [J]. Computer Engineering, 2024, 50(4): 113-120.
[4]	Yanqiong SHI, Zhao ZHA, Wenliang ZHANG, Eryu DAI, Zhong CHEN. Shape From Focus Based on Depth Estimation Confidence [J]. Computer Engineering, 2024, 50(3): 233-241.
[5]	Haining YAN, Zhengtao YU, Yuxin HUANG, Ran SONG, Xi YANG. Event Detection Model Integrating Part of Speech Semantic Extension Information [J]. Computer Engineering, 2024, 50(3): 89-97.
[6]	Qian LI, Haiyun XIANG, Yuting ZHANG, Yun GAN, Haode LIAO. G-MASK Facial Adversarial Attack Combining Gaussian Filtering and MASK [J]. Computer Engineering, 2024, 50(2): 308-316.
[7]	GUO Lei, JING Shan, WEI Liang, ZHAO Chuan. Crossfire Attack Defense Method Based on Software Defined Network [J]. Computer Engineering, 2024, 50(10): 216-227.
[8]	Xiangju LIU, Ben ZHAO, Xianjin FANG, Yangyang XU. Dynamic Load Balancing Strategy Based on Process Optimization in SDN [J]. Computer Engineering, 2023, 49(8): 137-145.
[9]	Xuyan ZHAO, Yunhe CUI, Qing QIAN, Chun GUO, Guowei SHEN. Joint Placement of Virtual Machine and Routing Path Based on Virtual Extended Network [J]. Computer Engineering, 2023, 49(8): 154-162.
[10]	YU Jiaxin, WANG Chunyuan, HAN Hua, GAO Yan. Stereo Matching Algorithm Based on Fusion Cost and Optimized Guided Filtering [J]. Computer Engineering, 2023, 49(3): 257-262,270.
[11]	Wenbin CHANG, Mingren MU, Haipeng JIA, Yunquan ZHANG, Sijia ZHANG. Research on the Implementation and Optimization of Image Filtering Algorithm Based on OpenGL ES [J]. Computer Engineering, 2023, 49(11): 257-266.
[12]	WANG Chunzhi, NIU Hongxia. Sand-Dust Degraded Image Enhancement Algorithm Based on Histogram Equalization and MSRCR [J]. Computer Engineering, 2022, 48(9): 223-229.
[13]	MIAO Yuxin, SONG Chunhua, NIU Baoning, KANG Ruixue. Dual-Channel Graph Collaborative Filtering Recommendation Algorithm [J]. Computer Engineering, 2022, 48(8): 121-128.
[14]	QIAO Caicai, WU Chengmao, LI Changxing, WANG Jiaye. Robust Fuzzy Clustering Algorithm Integrating Membership Degree and Pixel Alternating Guided Filtering [J]. Computer Engineering, 2022, 48(8): 224-233.
[15]	YE Heyuan, HAN Li, SUN Shimin. Network Measurement Node Selection Algorithm Based on Ant Colony Optimization in SDN [J]. Computer Engineering, 2022, 48(5): 191-199.

Please choose a citation manager

Content to export