英文摘要 |
The data forwarding plane in the Software Defined Network (SDN) is decoupled from the network control plane, which can realize the unified control of the whole network by the controller. Although centralize control provide great convenient in many cases, it is vulnerable to malicious attacks, especially for one of the most threatening attack - Distributed Denial of Service (DDoS). We innovatively propose a machine learning hybrid DDoS attack detection model which provide high precision within short-term. We named our model as RF-SVM-IL, which represents an integration of integrates Random Forest (RF), Support Vector Machine (SVM) and Incremental Learning (IL). The combination of RF and SVM can detect detect attacks in two layers and filter out the easily misclassified samples. Then IL is added to filter new samples to avoid repeated iteration training, and improve the adaptability of the model to dynamic data. Compared with other methods, RF-SVM-IL can detect DDoS attacks in SDN with higher accuracy and shorter time. The experimental results show that the average detection accuracy of RF-SVM-IL model is as high as 98.54%, and the detection time is as low as 2.386s. |