摘要
软件定义网络(software defined networking,简称SDN)是一种新型的网络架构.SDN将控制层从数据层分离并开放网络接口,以实现网络集中控制并提高网络的可扩展性和编程性.但是SDN也面临诸多的网络安全威胁.异常流量检测技术可以保护网络安全,防御恶意流量攻击.对SDN异常流量检测进行了全面的研究,归纳了数据平面和控制平面可能遭受到的网络攻击;介绍并分析了位于应用平面、控制平面和中间平台的异常流量检测框架;探讨了异常流量识别机制、负载均衡机制、异常流量追溯机制和异常缓解机制;最后指明SDN异常流量检测在未来工作中的研究方向.
Software defined networking(SDN)is new network architecture.SDN separates control layer from data layer and opens network interfaces to realize centralized network control and improve the scalability and the programmability of the network.But SDN is also facing a lot of network security threats.Abnormal traffic detection technologies can protect the network against malicious traffic attacks.This paper presents a comprehensive survey on the abnormal traffic detection of SDN.The possible network attacks on data plane and control plane are overviewed.Abnormal traffic detection frameworks on application plane,control plane,and intermediate platform are introduced and analyzed.The mechanisms of abnormal traffic identification,load balancing,abnormal traffic traceback,and abnormal traffic mitigation are discussed.The future work direction of SDN abnormal traffic detection is pointed out at the end.
作者
徐玉华
孙知信
XU Yu-Hua;SUN Zhi-Xin(Technology Research and Development Center of Postal Industry of State Post Bureau(Technology of Internet of Things),Nanjing University of Posts and Telecommunications,Nanjing 210003,China;Key Laboratory of Broadband Wireless Communication and Sensor Network Technology,Ministry of Education(Nanjing University of Posts and Telecommunications),Nanjing 210003,China)
出处
《软件学报》
EI
CSCD
北大核心
2020年第1期183-207,共25页
Journal of Software
基金
国家自然科学基金(61672299,61972208)
江苏省普通高校研究生科研创新计划。
关键词
软件定义网络
网络安全威胁
异常流量检测
异常流量追溯
异常流量缓解
software defined networking
network security threats
abnormal traffic detection
abnormal traffic traceback
abnormal traffic mitigation
