首页>
外国专利>
SDN-BASED DDOS ATTACK PREVENTION METHOD, DEVICE AND SYSTEM
SDN-BASED DDOS ATTACK PREVENTION METHOD, DEVICE AND SYSTEM
展开▼
机译:基于SDN的ddos攻击预防方法,装置及系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
An SDN-based DDOS attack prevention method, device and system, the method comprising: issuing, via a controller, to a first packet forwarding device a traffic statistic instruction, the traffic statistic instruction instructing the first packet forwarding device to count traffics and carrying a destination IP address; collecting, by the controller, statistic data reported by the first packet forwarding device, the statistic data comprising traffic statistic information flowing to the destination IP address; acquiring, by the controller, and according to the statistic data, a global traffic statistic value flowing to the destination IP address; determining whether the global traffic statistic value exceeds a predetermined threshold, and issuing a DDoS protection policy to a second packet forwarding device based on a determination result indicating that the global traffic statistic value exceeds the predetermined threshold; correspondingly, receiving, by the second packet forwarding device, the DDoS protection policy transmitted by the controller; and protecting, according to the DDoS protection policy, the traffic flowing to the destination IP address, thus reducing a range of an effect of a DDoS attack on a network, and improving network security.
展开▼