網路安全日益重要,尤其是DDoS攻擊迅速增長,已成為國家安全議題。傳統的網路結構因為其缺乏靈活性,並需要使用特殊的設備來應對這類的攻擊。SDN架構因其靈活性、可程式化及開放性,逐漸受到市場的認可。然而,SDN中的Controller恐成為攻擊的目標,已一些文獻利用SDN的特性來防禦DDoS攻擊。近年來,隨著機器學習領域的巨大進步,有些研究也開始運用深度學習來抵禦DDoS攻擊,雖然這些研究在準確度方面表現良好,但它們引用的數據集可能過於陳舊,或者無法驗證真實性。深度學習中的CNN模型被廣泛用於分類問題,正好適合於偵測DDoS攻擊。
本研究提出一學習模型,利用CNN模型搭配DDoS資料集,從網絡流量序列中學習模式並追踪網絡攻擊活動,並實作於SDN環境上進行測試。實驗結果顯示,F1-Score可達0.70。
Network security is becoming increasingly critical, particularly with the rapid growth of DDoS attacks, which have escalated to become national security concerns. Traditional network structures are hindered by their lack of flexibility and the need for specialized equipment to combat such attacks. SDN architecture, on the other hand, is gaining ac-ceptance in the market due to its flexibility, programmability, and openness. However, the Controller in SDN could become a target for attacks, leading to some research exploring the use of SDN features to defend against DDoS attacks. In recent years, with significant advancements in machine learning, some studies have begun employing deep learning to counter DDoS attacks. While these studies exhibit promising accuracy, the datasets they reference may be outdated or lack verifiability. CNN models, commonly used in classifi-cation tasks within deep learning, are particularly suitable for detecting DDoS attacks.
This study proposes a learning model that utilizes a CNN model combined with DDoS datasets to learn patterns from network traffic sequences and trace network attack activities. It is implemented and tested within an SDN environment. The experimental re-sults show that the F1-Score can reach 0.70.
