Discovery method for distributed denial-of-service attack behavior in SDNs using a feature-pattern graph model

作     者：Ya XIAO Zhi-jie FAN Amiya NAYAK Cheng-xiang TAN 

作者机构：College of Electronics and Information EngineeringTongji UniversityShanghai 201804China School of Electrical Engineering and Computer ScienceUniversity of OttawaOttawa K1N 6N5Canada The Third Research Institute of the Ministry of Public SecurityShanghai 200120China 

出 版 物：《Frontiers of Information Technology & Electronic Engineering》 (信息与电子工程前沿（英文版）)

年 卷 期：2019年第20卷第9期

页      面：1195-1208页

核心收录：

学科分类：081203[工学-计算机应用技术] 08[工学] 0835[工学-软件工程] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：project supported by the National Key R&D Program of China(Nos.2017YFB0802300 and 2017YFC0803700) 

主　　题：Software-defined network Distributed denial-of-service(DDoS) Behavior discovery Distance metric learning Feature-pattern graph 

摘      要：The security threats to software-defined networks(SDNs)have become a significant problem,generally because of the open framework of *** all the threats,distributed denial-of-service(DDoS)attacks can have a devastating impact on the *** propose a method to discover DDoS attack behaviors in SDNs using a feature-pattern graph *** feature-pattern graph model presented employs network patterns as nodes and similarity as weighted links;it can demonstrate not only the traffc header information but also the relationships among all the network *** similarity between nodes is modeled by metric learning and the Mahalanobis *** proposed method can discover DDoS attacks using a graph-based neighborhood classification method;it is capable of automatically finding unknown attacks and is scalable by inserting new nodes to the graph model via local or global *** on two datasets prove the feasibility of the proposed method for attack behavior discovery and graph update tasks,and demonstrate that the graph-based method to discover DDoS attack behaviors substantially outperforms the methods compared herein.