Ddos attack detection and mitigation method for industrial sdn network

Abstract

The present invention relates to a DDoS attack detection and mitigation method for an industrial SDN network, and belongs to the field of network security. According to the method, by means of the cooperation between an east-west interface of an SDN controller in an industrial backhaul network and a system manager of an industrial access network, in conjunction with the features of the industrial backhaul network and an industrial access network data packet, a flow entry matching field of an OpenFlow switch is extended, and a flow table 0 is set to be a 'flow table dedicated to DDoS attack mitigation' for defending against an attacking data flow in a timely manner. By using the SDN controller of an industrial backhaul network and a DDoS attack detection and mitigation system, an attacking data flow is identified and a DDoS attack source is found, and the policy of mitigating a DDoS attack is implemented by means of scheduling a system manager of the industrial access network. According to the present invention, the normal traffic of an industrial backhaul network and an industrial access network is ensured, and a threat posed by a DDoS attack to the security of an industrial network is overcome.