Генетичний алгоритм захисту SDN від мережевих атак
This paper examines the problem of detecting and blocking network attacks using SDN. This problem is formulated as the problem of finding the "correct" vector, in fact, it is the task of the binary integer programming. The DDoS-attack is used as a network attack. A mathematical model of th...
Збережено в:
| Дата: | 2016 |
|---|---|
| Автор: | |
| Формат: | Стаття |
| Мова: | Російська |
| Опубліковано: |
The National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute"
2016
|
| Теми: | |
| Онлайн доступ: | http://journal.iasa.kpi.ua/article/view/56028 |
| Теги: |
Додати тег
Немає тегів, Будьте першим, хто поставить тег для цього запису!
|
| Назва журналу: | System research and information technologies |
Репозитарії
System research and information technologies| Резюме: | This paper examines the problem of detecting and blocking network attacks using SDN. This problem is formulated as the problem of finding the "correct" vector, in fact, it is the task of the binary integer programming. The DDoS-attack is used as a network attack. A mathematical model of the problem and algorithm to identify sets of attacking hosts from the recorded data is developed. Upon detection of the set, the problem is reduced to the problem of preventing the attack, which means blocking IP-addresses. To evaluate the effectiveness of the proposed algorithm of intrusion detection, experimental studies have been conducted. To simulate SDN networks, Mininet network emulator was used. The task of the binary integer programming was solved. The analysis of results confirms that using SDN advantages, namely, centralized management and flexibility, we were able to implement a genetic algorithm, which protected the network from one of the most common network attacks — DDoS. |
|---|