• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

计算机工程与科学 ›› 2023, Vol. 45 ›› Issue (02): 277-285.

• 计算机网络与信息安全 • 上一篇    下一篇

SDN环境中基于Bi-LSTM的DDoS攻击检测方案

白坚镜,顾瑞春,刘清河   

  1. (内蒙古科技大学信息工程学院,内蒙古 包头 014010) 
  • 收稿日期:2022-03-10 修回日期:2022-05-26 接受日期:2023-02-25 出版日期:2023-02-25 发布日期:2023-02-15
  • 基金资助:
    内蒙古自然科学基金(2021LHMS06003)

A DDoS attack detection scheme based on Bi-LSTM in SDN

BAI Jian-jing,GU Rui-chun,LIU Qing-he   

  1. (School of Information Engineering,Inner Mongolia University of Science & Technology,Baotou 014010,China)
  • Received:2022-03-10 Revised:2022-05-26 Accepted:2023-02-25 Online:2023-02-25 Published:2023-02-15

摘要: 针对5G物联网环境中海量接入设备带来的DDoS攻击威胁,同时考虑到软件定义网络SDN对5G物联网的适用性,提出了一种在SDN环境中利用长短期记忆LSTM网络检测DDoS攻击的方案,以提高对DDoS攻击检测的准确性。并采用分治算法思想,提出了一种轻量级分布式边缘计算架构OCM,在物联网中的空闲边缘节点部署基于Bi-LSTM的轻量级神经网络完成检测任务,在保证准确性的同时,增加了检测的灵活性。在ISCX2012数据集上评估了所提方案的有效性和可行性。实验结果表明,所提方案能够准确检测DDoS攻击并有效缓解DDoS攻击。

关键词: SDN, 5G, DDoS, 物联网, 网络安全

Abstract: Aiming at the DDoS attack threat brought by massive access devices in the 5G Internet of Things (IoT) environment, considering the Software Defined Network (SDN) for the applicability of 5G IoT, a DDoS attack detection scheme using Long Short-Term Memory (LSTM) network in SDN environment is proposed, in order to improve the accuracy of DDoS attack detection. Based on the idea of divide-and-conquer algorithm, a lightweight distributed edge computing architecture, called Only Care Myself (OCM), is proposed. A Bi-LSTM based lightweight neural network is deployed on idle edge nodes in IoT to complete the detection task, which increases the flexibility of detection while maintaining the accuracy. The performance index of the proposed scheme was evaluated on the ISCX2012 dataset, and the feasibility of the proposed scheme is verified. Experimental results show that the proposed scheme can accurately detect DDoS attacks and effectively mitigate DDoS attacks.

Key words: software defined network(SDN), 5G, distributed denial of service(DDoS), Internet of Things (IoT), network security