SDN下基于突变模型的DDoS攻击检测

Software Defined Network (SDN) is a new type of network that separates the control plane, data plane, and application plane. It has the advantages of centralized control and programmability, and solves many problems in traditional networks. But SDN still has certain problems in the face of DDoS attacks. This paper proposes a DDoS detection method based on a cusp catastrophe model. By analyzing the behavioral characteristics of DDoS attacks and the characteristics of the flow table under SDN, an improved control variable and state variable based on the flow table are proposed for the model. Finally, this paper also collected data through simulation experiments, and conducted multiple comparison experiments with common methods.After analyzing the experimental results, it is concluded that this method can effectively detect DDoS attacks, and has a higher detection rate and a lower false alarm rate than other methods.