(南京邮电大学 国家邮政局邮政行业技术研发中心(物联网技术), 江苏 南京 210003;宽带无线通信与传感网技术教育部重点实验室(南京邮电大学), 江苏 南京 210003)
Research Development of Abnormal Traffic Detection in Software Defined Networking
XU Yu-Hua,SUN Zhi-Xin
(Technology Research and Development Center of Postal Industry of State Post Bureau(Technology of Internet of Things), Nanjing University of Posts and Telecommunications, Nanjing 210003, China;Key Laboratory of Broadband Wireless Communication and Sensor Network Technology, Ministry of Education(Nanjing University of Posts and Telecommunications), Nanjing 210003, China)
Received:August 01, 2018    Revised:May 08, 2019
> 中文摘要: 软件定义网络(software defined networking,简称SDN)是一种新型的网络架构.SDN将控制层从数据层分离并开放网络接口,以实现网络集中控制并提高网络的可扩展性和编程性.但是SDN也面临诸多的网络安全威胁.异常流量检测技术可以保护网络安全,防御恶意流量攻击.对SDN异常流量检测进行了全面的研究,归纳了数据平面和控制平面可能遭受到的网络攻击;介绍并分析了位于应用平面、控制平面和中间平台的异常流量检测框架;探讨了异常流量识别机制、负载均衡机制、异常流量追溯机制和异常缓解机制;最后指明SDN异常流量检测在未来工作中的研究方向.
Abstract:Software defined networking (SDN) is new network architecture. SDN separates control layer from data layer and opens network interfaces to realize centralized network control and improve the scalability and the programmability of the network. But SDN is also facing a lot of network security threats. Abnormal traffic detection technologies can protect the network against malicious traffic attacks. This paper presents a comprehensive survey on the abnormal traffic detection of SDN. The possible network attacks on data plane and control plane are overviewed. Abnormal traffic detection frameworks on application plane, control plane, and intermediate platform are introduced and analyzed. The mechanisms of abnormal traffic identification, load balancing, abnormal traffic traceback, and abnormal traffic mitigation are discussed. The future work direction of SDN abnormal traffic detection is pointed out at the end.
基金项目:国家自然科学基金(61672299,61972208);江苏省普通高校研究生科研创新计划 国家自然科学基金(61672299,61972208);江苏省普通高校研究生科研创新计划
Foundation items:National Natural Science Foundation of China (61672299, 61972208); Postgraduate Research & PracticeInnovation Program of Jiangsu Province
XU Yu-Hua,SUN Zhi-Xin.Research Development of Abnormal Traffic Detection in Software Defined Networking.Journal of Software,2020,31(1):183-207