CN105516091B - A kind of safe flow filter and filter method based on SDN controllers - Google Patents
A kind of safe flow filter and filter method based on SDN controllers Download PDFInfo
- Publication number
- CN105516091B CN105516091B CN201510852333.1A CN201510852333A CN105516091B CN 105516091 B CN105516091 B CN 105516091B CN 201510852333 A CN201510852333 A CN 201510852333A CN 105516091 B CN105516091 B CN 105516091B
- Authority
- CN
- China
- Prior art keywords
- stream
- network
- sdn
- management module
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to computer technology and network field more particularly to a kind of safe flow filter and filter method based on SDN controllers.The present invention can allow from various types of unknown flow rate information in SDN controllers are written before flow table, safe flow filter is established in the necessary place of stream, allow the analyzing processing that it is flowed, identify various attacks or sniff flow, the legitimacy for ensureing data in flow table, makes up the deficiency that fire wall is brought.The present invention is transparent to existing network, need not change any network element and framework of existing network, and DPDK drivers is used to make traffic filtering ultrahigh in efficiency, does not influence network performance.The present invention, using minimum investment, reinforces the safety of whole network under the early period for not changing already existing SDN network.
Description
Technical field
The present invention relates to computer technology and network field more particularly to software defined network (SDN) and network security controls
Field processed.
Background technology
For the new technology of innovation, people are easy to ignore safety problem.Inventor notices several when disposing SDN
A safety problem so that SDN technologies face lot of challenges, if malicious data flow, interchanger flow table are distorted, vulnerability of application program,
Data management confidentiality and availability threaten etc., these are all attacks common in traditional network, are still deposited in SDN network
.Most software defines the safety problem of network mainly around controller itself, and controller is considered exchange/routing
" brain ", it allows the control plane from each system to be managed concentratedly.For controller once failing, whole network will
Collapse.For safety manager, the ultimate challenge of SDN is to protect controller at all costs." brain " now
It takes out from router or interchanger, and is substituted using new controller.One critically important safety problem is to understand
The position of controller and controller in a network was accessed with whom is audited, access controller may allow attacker to control completely,
Therefore, it is necessary to protect the safety of controller.
The maintenance of the network information on the controller, generally relies on and opens up special memory module.Controller and application program
According to network state distributing policy.The network information that controller is safeguarded is divided into static and two kinds of dynamic.Due to controllable according to
The network information executes corresponding function in a network, can just generate destruction to network transmission when information is illegally written, therefore control
The safety problem of network maintenance of information refers mainly to data integrity on device processed and availability is destroyed.Data information is by rogue program
Or attacker distorts, and is problem common in traditional network.When multi controller systems work, the controller that is tampered can be with
The information of other controllers is changed by East and West direction interface, and SDN switch can be also changed by the interface in north-south and applies journey
The information of sequence upsets correct control logic and user data.Multi-controller coordinated management is the presence of availability of data, than
Such as, there is the network information that all controllers that mistake causes to negotiate therewith all obtain mistake in a controller node, influences most
The strategy of whole data flow.The northbound interface access controller that application program is provided by controller calls controller management money
If source still will appear common non-in traditional network without function modules such as authentication, rights management, log managements
The access of method application program, bypasses the safety problems such as audit trail at application program unauthorized operation.In addition, multiple application programs are simultaneously
Strategy may be caused inconsistent due to the missing of control logic completeness when operation, be mainly shown as policy conflict and local plan
The problems such as slightly failing.
Target of attack may be locked as the network element in network by attacker.Theoretically, attacker can illegally obtain pair
The physics of network or virtual access power, or the host being connect with SDN is threatened, then offensive attack destroys the stabilization of network element
Property.This attack is similar to refusal service (DoS) attack or a kind of fuzzy attack for attempting attack network element.Controller at present
Communication between network element has used a large amount of API (application programming interface) and communication protocol.The communication of SDN south orientations may
Use OpenFlow (OF), Open vSwitch data base administrations agreements (OVSDB), path computation element communication protocol
(PCEP), route system interface (I2RS), BGP-LS, OpenStack Neutron, Family administration infrastructure (OMI),
Puppet, Chef, Diameter, Radius, NETCONF, scalable message processing Presence Protocol (XMPP), positioning/mark point
From agreement (LISP), Simple Network Management Protocol (SNMP), CLI, embedded task manager (EEM), Cisco onePK, application
The agreements such as center infrastructures (ACI), Opflex.These agreements, which respectively suffer from some, to be ensured and network element communication security
Method.Nevertheless, many agreements are all very new, deployers may there is no they are arranged in a manner of safest.
In current SDN security attacks, attacker can be attempted some new stream instantiations extremely using these agreements
In the flow table of equipment.Attacker can attempt to forge some new streams, should not be allowed through by the flow of network with allowing.Although
Flow orientation is responsible for that flow is instructed to attack but if attacker can create the stream that can get around flow orientation by fire wall
The person of hitting will success attack.If attacker can control the direction of traffic steering oneself setting, they may attempt
Sniff is carried out to flow using this function, " go-between (MITM) " is then mobilized to attack.
The technology used due to the security management of current SDN network is mostly and the technology of traditional network is similar, and also
Do not form the technology and equipment protected specifically for SDN network, and traditional technology excessively complex redundancy, maintenance cost
Also very high, in the case where current SDN network does not also have considerable scale, appropriate is not high.With SDN network safety
Sex chromosome mosaicism increasingly significantly, the various security protocols for SDN network can also continuously emerge, the expansible energy of traditional safe practice
Power is insufficient, is lost the marrow of software definition (Software Define).
Invention content
For the deficiency of background technology, the present invention can allow from various types of unknown flow rate information in write-in SDN controls
In device processed before flow table, safe flow filter is established in the necessary place of stream, the analyzing processing for allowing it to be flowed, identification is various to attack
(go-between, Dos etc.) or sniff flow are hit, ensures the legitimacy of data in flow table, makes up the deficiency that fire wall is brought.Simultaneously
The present invention can handle and control SDN switch ACL, can set up stream view, all kinds of policy libraries, rule base and day in the overall situation
Will library etc., can dynamic realtime manage safety equipment, according to policy co-ordination safety devices.
The technical scheme is that:A kind of safe flow filter based on SDN controllers, including stream monitor, stream are used
Family management module, stream generator, policing rule management module, safety equipment management module, security information library, it is characterised in that:
It is logically in the Orchestration Layer of SDN controller north orientations, data flow passes through SDN controllers
Pass through the control and management of Orchestration Layer before;
The stream user management module obtains user information, is passing through policing rule management module after the approval, will
Security information library is written in user information;If the audit fails, belong to disabled user, directly to Orchestration Layer
The management module of layer sends warning message;
Flow monitor:Using DPDK frameworks and driver, SDN network north orientation application program and East and West direction SDN controls are monitored
The various streams that device processed is sent are audited according to whether the information convection current of policing rule management module submission is legal, if legal
The stream is then sent to stream maker module to be forwarded, otherwise sends warning message;
Flow generator:Using DPDK drivers, into network, some SDN controller forwards stream information;Flow generator solution
The stream information that monitor for flowing provides is analysed, the stream is obtained and needs the target object sent, is believed from safety according to target object information
Inquiry target controller north orientation or East and West direction nuclear interface standardizing data in library are ceased, the parsing of standard agreement is then carried out to it, weight
The new packing stream keeps it consistent with sending object controller, stream identical for source and destination standard, which only carries out thoroughly
It passes
Policing rule management module:Security strategy and specification in the module definition SDN network only meet these strategies
It is legal to be only with the stream of rule;
Safety equipment management module:The conventional safety apparatus that the module management is now netted, and be recorded in security information library;
Security information library:User stores the data information of entire SDN network.
According to the safe flow filter as described above based on SDN controllers, it is characterised in that:The stream user management
The user information that module obtains specifically includes:The north orientation application program of SDN network and transmeridional SDN controllers are connected, to SDN
Known application service and adjacent SDN controllers are registered in network, obtain north orientation application program and transmeridional SDN controls
The user information that device processed is sent.
A kind of safe filtration method based on SDN controllers, it is characterised in that:It includes the following steps:
Flow user management module according in the automatic detection network of the stream information received with known north orientation application program
With transmeridional SDN controller informations, and these information are recorded in security information library;
Safety equipment management module can be in detection network conventional safety apparatus, and by facility information and their strategy and
In regular record to this system security information library;
Monitor for flowing is waited for by what DPDK drivers, reception north orientation application program and transmeridional SDN controllers were sent
The stream of examination, and trigger policy rules administration module, unexamined stream is monitored repeatedly;
Policing rule management module audits unexamined data flow with the security strategy of its definition, to monitor for flowing
Whether return audits the message passed through;
Policy management module periodically sends message to safety equipment management module, obtains the newer safety of conventional safety apparatus
Strategy and rule;
It examines that legal rear monitor for flowing gives legal circulation to stream generator, passes through DPDK drivers and be packaged simultaneously SDN
Controller forwards.
The beneficial effects of the invention are as follows:
The present invention can prevent attacker from establishing the stream for getting around flow orientation, evade the protection of fire wall, to SDN network
Core network element is attacked.The present invention is transparent to existing network, need not change any network element and framework of existing network,
And DPDK drivers is used to make traffic filtering ultrahigh in efficiency, network performance is not influenced, and self-defined with elastic software
Ability, concrete application can be directed to and build global safety control strategy, stream view and respective security rule base etc..It is not repairing
Under the early period for changing already existing SDN network, using minimum investment, the safety of whole network is reinforced.The system returns SDN
The north orientation user of network provides a kind of ability of safety virtualization network insertion.The present invention is also adapted to SDN network future simultaneously
The requirement of safety has reserved space for the extension of its safety.
Description of the drawings
Fig. 1 is this system structure chart;
Fig. 2 is the work flow diagram of this system.
Specific implementation mode
Explanation of nouns:SDN controllers are the application programs in software defined network (SDN), are responsible for flow control to ensure
Intelligent network.SDN controllers be based on agreements such as such as OpenFlow, allow server tell interchanger to where transmission data
Packet.
SDN network:By separating network equipment control plane with data surface, to realize the flexible of network flow
Control, good platform is provided for the innovation of core network and application.
Orchestration Layer:Service orchestration layer i.e. in SDN network, it is one and is in SDN controllers and industry
A level of abstraction between business layer.To occur a large amount of SDN Controller according to the difference of network element and network, in telecommunication network,
Such as:Core I P bearer networks, core OTN transmission nets, service control layer, wireless carrier network, fixed access network network etc. are corresponding
The SDN controllers of oneself.Therefore, it when these same types or different type SDN controllers provide service upwards, uses
Orchestration layers are further abstracted numerous controllers and virtualizing network resources, more in order to operation layer
It is flexible to call Internet resources.
Below in conjunction with attached drawing, the present invention is described further.
As shown in Figure 1, the safe flow filter of the present invention is that an individual security procedure module is installed and runs on SDN
In the server with north orientation and East and West direction interface access capability of Orchestration layers in network.If network compares
Simply, only there are one SDN controllers, also can directly be installed as a common java program and run on SDN controls
In device.
As shown in Figure 1, the safe flow filter of the present invention is made of 5 modules and a database, including stream monitoring
Device, stream user management module, stream generator, policing rule management module, safety equipment management module, security information library.
Flow user management module:The module major function is the north orientation application program for connecting SDN network and transmeridional SDN
Controller registers known application service in SDN network and other adjacent SDN controllers, obtains these directions
User information is sent, after the approval, security information library is being written by policing rule management module;If the audit fails,
Belong to disabled user, directly sends warning message to the management module of Layer layers of Orchestration.
Flow monitor:Use DPDK (Data Plane Development Kit) framework of the newest release of Intel Company
And driver, the efficient various streams for monitoring SDN network north orientation application program and the transmission of East and West direction SDN controllers, according to plan
Whether the information that slightly rules administration module is submitted is legal to these streams to be audited, and the stream, which is sent to stream, if legal generates
Device module is forwarded, and otherwise sends warning message.
Flow generator:Using DPDK drivers, efficiently into network, some SDN controller forwards stream information.Stream life
The stream information that parsing monitor for flowing of growing up to be a useful person provides, obtains the stream and needs the target object that sends, according to target object information from peace
Inquiry target controller north orientation or East and West direction nuclear interface standardizing data in full property information bank, then carry out the solution of standard agreement to it
Analysis, repacking the stream keeps it consistent with sending object controller.Stream identical for source and destination standard, the module only into
Row transparent transmission.Since the agreement of SDN northbound interfaces does not standardize, there are different vendors to use respective distinctive agreement, the module
The easy-to-use interface of simplicity of script edit can be used by providing a whole set of, can dynamically be compatible with the SDN controls of different vendor
Device.
Policing rule management module:A series of security strategy and specification in the module definition SDN network, only meet this
It is legal that a little strategies and the stream of rule are only.Such as:Certain attacker disposes the SDN controllers of oneself, the control legal to other
OF interchangers under device issue flow table item, and " pseudo- cartridge controller " can change interchanger forward-path.In this case, stream prison
A new traffic flow information not registered can be checked and be transmitted to this resume module by surveying device, policing rule management module
According to the header packet information of the data flow, analyse whether by encryption and certification, while the log-on message of query safe information bank obtains
It takes the stream whether effective, conventional safety apparatus can also be issued if necessary and differentiated, after confirming that the data flow is illegal, stream
User management module can give the application program of each north orientation and transmeridional controller group to send out warning message, while flow generator meeting
Failure code is sent to " pseudo- cartridge controller ", termination communicates with.Administrator can define these rules, while can also pass through
Safety equipment management module obtains the security strategy and rule in conventional safety apparatus.
Safety equipment management module:The conventional safety apparatus that the module management is now netted, for example, each producer fire wall etc.,
It registers its position, dynamic scan and obtains the security strategy and rule in these equipment, and be recorded in security information library.
Security information library:The module is a database, and user stores the user of entire SDN network, strategy, rule, sets
The information such as standby and daily record.
As shown in Fig. 2, the safe filtration method based on SDN controllers of the present invention is:
1. after safe flow filter starts, stream user management module has according in the automatic detection network of the stream information received
There are known north orientation application program and transmeridional SDN controller informations, and these information are recorded in security information library.
2. simultaneously, the conventional safety apparatus in safety equipment management module meeting detection network, by these facility informations and it
Strategy and regular record to this system security information library in.
3. monitor for flowing is by DPDK drivers, efficient to receive north orientation application program and transmeridional SDN controllers
The unexamined stream sent, and trigger policy rules administration module, unexamined stream is monitored repeatedly.
4. the security strategy defined in policing rule management module is audited, pass through to whether monitor for flowing return is audited
Message.
5. the security strategy in the self-defined policy management module of network administrator, the module is simultaneously periodically to safety equipment pipe
It manages module and sends message, obtain the newer security strategy of conventional safety apparatus and rule.
6. examining that legal rear monitor for flowing gives legal circulation to stream generator, it is packaged simultaneously by DPDK drivers
SDN controllers forward.This module provides the frames and interface of the access of a set of north orientation, script can be used according to different factories
The SDN controllers of quotient write the agreement of SDN network northbound interface access.
The safe flow filter based on SDN controllers of the present invention can use high-level language java and script python real
Existing, user can give according to different SDN agreements and security protocol Normalization rule script customizes different interfaces, also may be used
Access way is realized using high-level language, the following unknown SDN protocol specifications and safety are assisted according to the interface that system defines
View only need to increase corresponding adaptation module, using simple and flexible, provide the convenient secondary development environment of user.
The present invention, which can allow, before flow table, to flow from various types of unknown flow rate information in SDN controllers are written
Necessary place establish safe flow filter, the analyzing processing for allowing it to be flowed, identify various attacks (go-between, Dos etc.) or
Person's sniff flow ensures the legitimacy of data in flow table, makes up the deficiency that fire wall is brought.The security filter can be located simultaneously
Reason and control SDN switch ACL, can set up stream view, all kinds of policy libraries, rule base and the daily record library etc. in the overall situation, can
Dynamic realtime manages safety equipment, according to policy co-ordination safety devices.
Claims (3)
1. a kind of safe flow filter based on SDN controllers, including stream monitor, stream user management module, stream generator, plan
Slightly rules administration module, safety equipment management module, security information library, it is characterised in that:
It is logically in the Orchestration Layer of SDN controller north orientations, data flow is passed through before SDN controllers
By the control and management of Orchestration Layer;
The stream user management module obtains user information, is passing through policing rule management module after the approval, by user
Security information library is written in information;If the audit fails, belong to disabled user, directly to Layer layers of Orchestration's
Management module sends warning message;
Flow monitor:Use DPDK(Data Plane Development Kit)Framework and driver, monitoring SDN network north
The various streams sent to application program and East and West direction SDN controllers, the information convection current submitted according to policing rule management module are
It is no it is legal audited, if legal by the stream be sent to stream maker module be forwarded, otherwise send warning message;
Flow generator:Use DPDK(Data Plane Development Kit)Framework and driver, into network some
SDN controllers forward stream information;The stream information that generator parsing monitor for flowing provides is flowed, the stream is obtained and needs the target pair sent
As, target controller north orientation or East and West direction nuclear interface standardizing data are inquired from safety information library according to target object information,
Then the parsing of standard agreement is carried out to it, repacking the stream keeps it consistent with sending object controller, for source and destination
The identical stream of ground standard, the module only carry out transparent transmission
Policing rule management module:Security strategy and specification in the module definition SDN network only meet these strategies and rule
It is legal that stream then is only;
Safety equipment management module:The conventional safety apparatus that the module management is now netted, and be recorded in security information library;
Security information library:User stores the data information of entire SDN network.
2. the safe flow filter according to claim 1 based on SDN controllers, it is characterised in that:The stream user
The user information that management module obtains specifically includes:The north orientation application program of SDN network and transmeridional SDN controllers are connected,
Known application service in SDN network and adjacent SDN controllers are registered, north orientation application program and transmeridional is obtained
The user information that SDN controllers are sent.
3. a kind of safe filtration method based on SDN controllers, it is characterised in that:It includes the following steps:
Flow user management module according in the automatic detection network of the stream information received with known north orientation application program and east
West to SDN controller informations, and these information are recorded in security information library;
Safety equipment management module can be in detection network conventional safety apparatus, and by the strategy and rule of facility information and they
It is recorded in this system security information library;
Monitor for flowing passes through DPDK(Data Plane Development Kit)Driver, receive north orientation application program and
The unexamined stream that transmeridional SDN controllers are sent, and trigger policy rules administration module, unexamined is flowed into repeatedly
Row monitoring;
Policing rule management module audits unexamined data flow with the security strategy of its definition, is returned to monitor for flowing
Whether the message that audit passes through;
Policy management module periodically sends message to safety equipment management module, obtains the newer security strategy of conventional safety apparatus
And rule;
It examines that legal rear monitor for flowing gives legal circulation to stream generator, passes through DPDK(Data Plane
Development Kit)Driver is packaged and the forwarding of SDN controllers.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510852333.1A CN105516091B (en) | 2015-11-27 | 2015-11-27 | A kind of safe flow filter and filter method based on SDN controllers |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510852333.1A CN105516091B (en) | 2015-11-27 | 2015-11-27 | A kind of safe flow filter and filter method based on SDN controllers |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105516091A CN105516091A (en) | 2016-04-20 |
CN105516091B true CN105516091B (en) | 2018-09-25 |
Family
ID=55723729
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510852333.1A Active CN105516091B (en) | 2015-11-27 | 2015-11-27 | A kind of safe flow filter and filter method based on SDN controllers |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105516091B (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107181738B (en) * | 2017-04-25 | 2020-09-11 | 中国科学院信息工程研究所 | Software intrusion detection system and method |
CN107682312A (en) * | 2017-08-25 | 2018-02-09 | 中国科学院信息工程研究所 | A kind of security protection system and method |
CN110830469A (en) * | 2019-11-05 | 2020-02-21 | 中国人民解放军战略支援部队信息工程大学 | DDoS attack protection system and method based on SDN and BGP flow specification |
CN114338496B (en) * | 2020-10-12 | 2023-09-05 | 中移(苏州)软件技术有限公司 | Resource forwarding method, device, terminal and computer storage medium |
CN112769748B (en) * | 2020-12-07 | 2022-05-31 | 浪潮云信息技术股份公司 | DPDK-based ACL packet filtering method |
CN113132349A (en) * | 2021-03-12 | 2021-07-16 | 中国科学院信息工程研究所 | Agent-free cloud platform virtual flow intrusion detection method and device |
CN113132382B (en) * | 2021-04-19 | 2022-09-02 | 中文出版集团有限公司 | Intelligent computer network information safety controller |
CN115967642A (en) * | 2021-11-04 | 2023-04-14 | 贵州电网有限责任公司 | Software defined network-based method for detecting quality of east-west link in cloud |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015009404A1 (en) * | 2013-07-18 | 2015-01-22 | Palo Alto Networks, Inc. | Packet classification for network routing |
CN104539625A (en) * | 2015-01-09 | 2015-04-22 | 江苏理工学院 | Network security defense system based on software definition and working method thereof |
CN104967615A (en) * | 2015-06-03 | 2015-10-07 | 浪潮集团有限公司 | Secure SDN controller and network security method based on same |
CN105072085A (en) * | 2015-07-03 | 2015-11-18 | 北京航空航天大学 | Flow rule validity authentication method under software-defined networking |
-
2015
- 2015-11-27 CN CN201510852333.1A patent/CN105516091B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015009404A1 (en) * | 2013-07-18 | 2015-01-22 | Palo Alto Networks, Inc. | Packet classification for network routing |
CN104539625A (en) * | 2015-01-09 | 2015-04-22 | 江苏理工学院 | Network security defense system based on software definition and working method thereof |
CN104967615A (en) * | 2015-06-03 | 2015-10-07 | 浪潮集团有限公司 | Secure SDN controller and network security method based on same |
CN105072085A (en) * | 2015-07-03 | 2015-11-18 | 北京航空航天大学 | Flow rule validity authentication method under software-defined networking |
Also Published As
Publication number | Publication date |
---|---|
CN105516091A (en) | 2016-04-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105516091B (en) | A kind of safe flow filter and filter method based on SDN controllers | |
CN109347830B (en) | Network dynamic defense system and method | |
CN103597795B (en) | The system and method for the identity of the assembly that certification is found in infinite bandwidth (IB) network | |
CN101438255B (en) | Network and application attack protection based on application layer message inspection | |
US7234168B2 (en) | Hierarchy-based method and apparatus for detecting attacks on a computer system | |
US6775657B1 (en) | Multilayered intrusion detection system and method | |
CN106850690B (en) | Honeypot construction method and system | |
CN107251514A (en) | For the technology for the scalable security architecture for virtualizing network | |
CN110086825B (en) | Unmanned aerial vehicle power inspection data safety transmission system and method | |
CN109688105A (en) | A kind of threat warning message generation method and system | |
CN110493238A (en) | Defence method, device, honey pot system and honey jar management server based on honey jar | |
Kabulov et al. | Security Threats and Challenges in Iot Technologies | |
Dineva et al. | Security in IoT systems | |
Toker et al. | Mitre ics attack simulation and detection on ethercat based drinking water system | |
CN105704093B (en) | A kind of firewall access control policy error-checking method, apparatus and system | |
CN102045310B (en) | Industrial Internet intrusion detection as well as defense method and device | |
Tawfik et al. | Internet of things-based middleware against cyber-attacks on smart homes using software-defined networking and deep learning | |
Vasiyeva | SECURITY THREATS IN IOT TECHNOLOGIES | |
KR20120043466A (en) | Method and apparatus for managing enterprise security based on information provided by intrusion detection system | |
CN116232770B (en) | Enterprise network safety protection system and method based on SDN controller | |
Krishnan et al. | Mitigating DDoS attacks in software defined networks | |
Dey et al. | A context-adaptive security framework for mobile cloud computing | |
Chiu et al. | Detecting DoS and DDoS attacks by using CuSum algorithm in 5G networks | |
Ortiz-Garcés et al. | Automation Tasks Model for Improving Hardening Levels on Campus Networks | |
Subburaj et al. | Discover Crypto-Jacker from Blockchain Using AFS Method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |