XJIPC OpenIR  > 多语种信息技术研究室
Thesis Advisor程力
Degree Grantor中国科学院大学
Place of Conferral北京
Degree Discipline计算机技术
Keyword软件定义网络 云平台 流量异常检测 网络安全


Other Abstract
In those years, cloud computing as a new service model has become one of the most interesting topics in the field of information technology. With the rapid development of cloud computing, dynamic changes brought by server virtualization and other new technologies make the manageability of network facing severe challenges, and the current network architectures cannot meet the new requirements. As the increasing complexity of hybrid cloud networks becomes a bottleneck of cloud computing, a potential solution, SDN has gained great attentions from both industry and academic. By separating the network control plane and data plane, OpenFlow based SDN architecture can abstract the underlying infrastructure, make the network scale programming and centralized management. In the network security domain, due to the introduction of virtualization technology, which breaking the manner of division boundaries of traditional network, network boundaries become blurred and dynamic. At the same time, the constantly expand scales of the cloud also make it possible to launched attacks from inside. Faced with these emerging issues, traditional security techniques cannot achieve effective security. SDN's emergence has also brought a new perspective for cloud computing security, it’s technical features show that can make a timely response to a cloud computing environment dynamic changes. So far, research on utilizing SDN in network attack detection is still in its inception phase. Specifically, it has not been evaluated whether SDN can efficiently detect internal network attacks in a cloud environment. In this research, firstly, the security of cloud computing research in recent years were analyzed, in particular a detailed summary of new achievements for cloud computing security brought by SDN. Subsequently, based on the analysis SDN technology framework, towards the complexity of the internal network for cloud computing environments and new security requirements, proposed anomaly detection scheme based on SDN and described in detail from the design, modules and so on. Finally, we implement both SDN and traditional network infrastructures based on OpenStack platform. We simulate both flood and port-scan attacks and utilize two types of traffic anomaly detection algorithms. Experiment results indicates that the SDN method shows better performance in memory usage without degrading its accuracy, while it also suffers performance bottleneck when directly deployed into SDN controllers.
Document Type学位论文
Recommended Citation
GB/T 7714
马超. 云环境下基于SDN的流量异常检测技术研究[D]. 北京. 中国科学院大学,2015.
Files in This Item:
File Name/Size DocType Version Access License
云环境下基于SDN的流量异常检测技术研究(786KB)学位论文 开放获取CC BY-NC-SAView Application Full Text
Related Services
Recommend this item
Usage statistics
Export to Endnote
Google Scholar
Similar articles in Google Scholar
[马超]'s Articles
Baidu academic
Similar articles in Baidu academic
[马超]'s Articles
Bing Scholar
Similar articles in Bing Scholar
[马超]'s Articles
Terms of Use
No data!
Social Bookmark/Share
File name: 云环境下基于SDN的流量异常检测技术研究.pdf
Format: Adobe PDF
All comments (0)
No comment.

Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.