ZTE Communications ›› 2020, Vol. 18 ›› Issue (4): 18-25.DOI: 10.12142/ZTECOM.202004004

• Special Topic • Previous Articles     Next Articles

DDoS Attack Detection Method for Space-Based Network Based on SDN Architecture

JIA Min1(), SHU Yuejie1, GUO Qing1, GAO Zihe2, XIE Suofei2   

  1. 1.Communication Research Center, School of Electronics and Information Engineering, Harbin Institute of Technology, Harbin 150006, China
    2.Institute of Telecommunication Satellite, China Academy of Space Technology, Beijing 100094, China
  • Received:2020-09-29 Online:2020-12-25 Published:2021-01-13
  • About author:JIA Min (jiamin@hit.edu.cn) received her M.Sc degree in information and communication engineering from Harbin Institute of Technology (HIT), China in 2006 and Ph.D. degree from SungKyungKwan University of Korea and HIT in 2010. She is currently a professor and Ph.D. supervisor with the School of Electronic and Information Engineering, HIT. Her research interests include advanced digital signal processing and integrated satellite and terrestrial communication systems.|SHU Yuejie received her B.S. and M.Sc degrees from Harbin Institute of Technology, China in 2018 and 2020, respectively. Her research interest focuses on software defined networking applications.|GUO Qing received his M.Sc. degree from Beijing University of Post and Telecommunications, China in 1985 and and Ph.D. degree from Harbin Institute of Technology (HIT), China in 1998. He is currently a professor and the dean of the School of Electronics and Information Engineering, HIT. His research interest focuses on satellite communications.|GAO Zihe received the B.S. degree in electronics and information engineering, the M.E. degree in signal and information processing, and the Ph.D. degree in information and communication engineering from Harbin Institute of Technology, China in 2005, 2007 and 2011, respectively. At present, he is mainly engaged in the research of satellite communication technology at the Insititute of Telecommunication Satellite, China Academy of Space Technology.|XIE Suofei received his B.S. and M.Sc degrees in communication and information system from Chongqing University, China. He is an engineer with the Institute of Telecommunication Satellite, China Academy of Space Technology. His research interest focuses on satellite communications.
  • Supported by:
    the National Natural Science Foundation of China(61671183)

Abstract:

With the development of satellite communications, the number of satellite nodes is constantly increasing, which undoubtedly increases the difficulty of maintaining network security. Combining software defined network (SDN) with traditional space-based networks provides a new class of ideas for solving this problem. However, because of the highly centralized network management of the SDN controller, once the SDN controller is destroyed by network attacks, the network it manages will be paralyzed due to loss of control. One of the main security threats to SDN controllers is Distributed Denial of Service (DDoS) attacks, so how to detect DDoS attacks scientifically has become a hot topic among SDN security management. This paper proposes a DDoS attack detection method for space-based networks based on SDN architecture. This attack detection method combines the optimized Long Short-Term Memory (LSTM) deep learning model and Support Vector Machine (SVM), which can not only make classification judgments on the time series, but also achieve the purpose of detecting and judging through the flow characteristics of a period of time. In addition, it can reduce the detection time as well as the system burden.

Key words: space-based network, SDN, DDoS attack, LSTM, SVM