Abstract
In this paper, we investigate the problem of multiple network domains being threatened by Distributed Denial-of-Service (DDoS) attacks, in which a DDoS attack detection scheme is constructed based on the Software Defined Networks (SDN) hierarchical distributed control plane architecture. Specifically, we propose a two-level detection framework for collaborative DDoS attack detection in multi-domain scenarios. To detect the signs of DDoS attacks as early as possible on the attack path, a first-level coarse-grained anomaly detection method based on the Rényi entropy algorithm is proposed. The purpose is to calculate the feature entropy of normal and abnormal traffic in a simple statistical way within the local network domain, achieving rapid perception of network anomalies. Then, the root server aggregates all abnormal traffic data uploaded by each local network domain, and the DCNN-LSTM algorithm based on a hybrid deep learning model as the second-level detection method extracts the features of the suspicious traffic from both temporal and spatial dimensions to achieve fine-grained DDoS attack classification. Finally, theoretical analysis and experimental results indicate that the proposed two-level detection method in multi-domain scenarios is effective and feasible, while with high detection accuracy.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
