Skip to main content
SpringerLink
Log in

Method for Overflow Attack Defense of SDN Network Flow Table Based on Stochastic Differential Equation

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

In order to avoid the overflow problem of network flow table caused by hackers attacking the network in the process of using the network, a method for overflow attack defense of SDN network flow table based on stochastic differential equation is proposed. In this method, the stochastic differential equation is first proposed, and the drift coefficient and diffusion coefficient of the equation are expanded and adjusted by Taylor. By using the limit theorem, the spillover attack of SDN network is weakly converged to an approximate two-dimensional Markov diffusion process, and the improved stochastic differential equation is obtained. Then, according to the stochastic nature of SDN network attack, the stochastic differential equation is transformed into an amplitude equation, which is based on the amplitude. The equation establishes a SDN attack detection scheme based on flow table statistics, which detects the spillover attacks of SDN network flow tables. Finally, according to the test results, it is proposed to use other switches instead of network flow table overflow switches to control the data upload rate, thus reducing the possibility of network crash and meeting the attack defense requirements of flow table overflow. The simulation results show that the proposed method has better detection performance and shorter running time, and can provide help for network security related work.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Cruz, T., Rosa, L., Proença, J., et al. (2017). A cybersecurity detection framework for supervisory control and data acquisition systems. IEEE Transactions on Industrial Informatics, 12(6), 2236–2246.

    Article  Google Scholar 

  2. Tao, L., Chi, H. L., Wang, W., et al. (2018). USA: Faster update for SDN-based Internet of Things sensory environments. Computer Communications, 120, S0140366417305868.

    Google Scholar 

  3. Zhu, W., Gao, D., Zhao, W., et al. (2017). SDN-enabled hybrid emergency message transmission architecture in internet-of-vehicles. Enterprise Information Systems, 12(2017), 1–21.

    Google Scholar 

  4. Xu, M. D., Gao, Y., & Cui, F. (2018). Distributed deception defense system based on SDN. Journal on Communications, 39(s2), 58–64.

    Google Scholar 

  5. Zhang, L. C., Wei, Q., Tang, X. C., et al. (2017). Path and port address hopping based SDN proactive defense technology. Journal of Computer Research and Development, 54(12), 2761–2771.

    Google Scholar 

  6. Chi, Y. P., Jiang, T. T., Dai, C. P., et al. (2017). Design and implementation of cloud platform intrusion prevention system based on software defined network. Journal of Computer Applications, 37(6), 1625–1629.

    Google Scholar 

  7. Zhang, X. (2017). Stochastic Volterra equations in Banach spaces and stochastic partial differential equation. Journal of Functional Analysis, 258(4), 1361–1425.

    Article  MathSciNet  Google Scholar 

  8. Fan, L. F., Wu, Z. J., Wan, Z., et al. (2017). Experimental investigation of thermal effects on dynamic behavior of granite. Applied Thermal Engineering, 125, 94–103.

    Article  Google Scholar 

  9. Hajlaoui, N., Jabri, I., & Jemaa, M. B. (2018). An accurate two dimensional Markov chain model for IEEE 80211n DCF. Wireless Networks, 24(4), 1019–1031.

    Article  Google Scholar 

  10. Li, C., Yan, W., Yuan, X., et al. (2018). Detection and defense of DDoS attack–based on deep learning in OpenFlow-based SDN. International Journal of Communication Systems, 18(2), e3497.

    Article  Google Scholar 

  11. Gang, W., Giannakis, G. B., & Eldar, Y. C. (2018). Solving systems of random quadratic equations via truncated amplitude flow. IEEE Transactions on Information Theory, 64(2), 773–794.

    Article  MathSciNet  Google Scholar 

  12. Hoque, N., Kashyap, H., & Bhattacharyya, D. K. (2017). Real-time DDoS attack detection using FPGA. Computer Communications, 110, 48–58.

    Article  Google Scholar 

  13. Karimi, H., Mcauley, K. B. (2018) Bayesian objective functions for estimating parameters in nonlinear stochastic differential equation models with limited data. Industrial & Engineering Chemistry Research, 57(27): acs.iecr.8b00293.

  14. Guo, Z., Liu, R., Yang, X., et al. (2017). STAR: Preventing flow-table overflow in software-defined networks. Computer Networks, 125, S1389128617301779.

    Article  Google Scholar 

  15. Guo, Z., Yang, X., Liu, R., et al. (2018). Balancing flow table occupancy and link utilization in software-defined networks. Future Generation Computer Systems, 89: S0167739X18306666.

  16. Pyskunov, S. O., Maksimyk, Y. V., & Valer, V. V. (2016). Finite element analysis of influence of non-homogenous temperature field on designed lifetime of spatial structural elements under creep conditions. Applied Mathematics & Nonlinear Sciences, 1(1), 253–262.

    Article  MathSciNet  Google Scholar 

  17. Li, C., Yan, W., Yuan, X., et al. (2017). Detection and defense of DDoS attack–based on deep learning in OpenFlow-based SDN. International Journal of Communication Systems, 18(2), e3497.

    Google Scholar 

  18. Wang, Y., Bi, J., & Zhang, K. (2017). A tool for tracing network data plane via SDN/OpenFlow. Science China Information Sciences, 60(2), 022304.

    Article  Google Scholar 

  19. Mu, T. Y., Al-Fuqaha, A., Shuaib, K., et al. (2018). SDN flow entry management using reinforcement learning. ACM Transactions on Autonomous and Adaptive Systems, 13(2), 1–23.

    Article  Google Scholar 

  20. Awad, M. K., El-Shafei, M., Dimitriou, T., et al. (2017). Power-efficient routing for SDN with discrete link rates and size-limited flow tables: A tree-based particle swarm optimization approach. International Journal of Network Management, 2(12), e1972.

    Article  Google Scholar 

  21. Lokesha, V., Deepika, T., Ranjini, P. S., et al. (2017). Operations of nanostructures via sdd, abc4 and ga5 indices. Applied Mathematics & Nonlinear Sciences, 2(1), 173–180.

    Article  MathSciNet  Google Scholar 

  22. Turewicz, M., Kohl, M., Ahrens, M. et al. (2017). BioInfra. Prot: A comprehensive proteomics workflow including data standardization, protein inference, expression analysis and data publication. Journal of Biotechnology, 261: S0168165617302869.

Download references

Acknowledgements

This research was supported by State key R&D Program Funding (project number: 2017YFB0802901) and Henan Soft Science Research Program (project number: 18240410108).

Author information

Authors and Affiliations

  1. State Key Laboratory of Mathematics Engineering & Advanced Computing, Information Engineering University, Zhengzhou, 450001, China

    Xinhui Zhao, Qingxian Wang & Zehui Wu

  2. Modern Education Technology Center, Physical Education College of Zhengzhou University, Zhengzhou, 450044, China

    Xinhui Zhao

  3. Engineering Training Center, Zhengzhou University of Light Industry, Zhengzhou, 450002, China

    Rui Guo

Authors
  1. Xinhui Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Qingxian Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Zehui Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Rui Guo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rui Guo.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zhao, X., Wang, Q., Wu, Z. et al. Method for Overflow Attack Defense of SDN Network Flow Table Based on Stochastic Differential Equation. Wireless Pers Commun 117, 3431–3447 (2021). https://doi.org/10.1007/s11277-021-08086-y

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-021-08086-y

Keywords

Search

Navigation