http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
Improving Scanner Data Collection in P4-based SDN
Yun-Zhan Cai,Chih-Hao Lai,Yu-Ting Wang,Meng-Hsun Tsai 한국통신학회 2020 한국통신학회 APNOMS Vol.2020 No.09
Port scanning is a well-known behavior when a botnet searches target devices. To detect port scanning accurately, data with high discriminatory power are indispensable. Most related works, however, focus on data analysis methods but neglect storage limitations of switches, which makes their methods impractical. Therefore, we propose a new data collection method for collecting network information of port scanning in P4-based SDN named 0-replacement. Through simulations, we compare the 0-replacement method with two classic data collection methods. Results show that the 0-replacement method improves the true positive ratio by at least 25 percentage points but only consumes 0.36% memory space.
Mitigating SYN flooding Attack and ARP Spoofing in SDN Data Plane
Ting-Yu Lin,Jhen-Ping Wu,Pei-Hsuan Hung,Ching-Hsuan Shao,Yu-Ting Wang,Yun-Zhan Cai,Meng-Hsun Tsai 한국통신학회 2020 한국통신학회 APNOMS Vol.2020 No.09
As the number of network devices increases rapidly, it becomes more and more difficult to defend network attacks. Large-scaled attacks, such as SYN flooding, may lead to heavy burden to the switches as well as the controller in a software defined network (SDN). In this paper, we investigate the SYN flooding and Address Resolution Protocol (ARP) spoofing attacks in SDN, and then propose mechanisms to address these two attacks. We also present a new scheme to detect SYN flooding by using only a few forwarding rules. Moreover, we utilize the Programming Protocol-independent Packet Processors (P4) technique to mitigate the burden of the controller.