See more details in link
This project implemented this algorithm and tested it in a virtual network.
Ubuntu16.04LTS
- Open vSwitch
- Ryu
- D-ITG
- Scapy
- matplotlib
wget https://github.com/MrDuGitHub/DFAD/archive/v0.2.tar.gz
tar -xzf v0.2.tar.gz
cd DFAD-0.2
make
We use the OVS 2.9.0 version,and if you've installed and started it properly, you can build the required virtual network with the following command.
sudo ovs-vsctl add-br s1
sudo ovs-vsctl set-controller s1 tcp:127.0.0.1:6633sudo ovs-vsctl add-port s1 p1
sudo ovs-vsctl set Interface p1 ofport_request=10
sudo ovs-vsctl set Interface p1 type=internal
ethtool -i p1 sudo ovs-vsctl set interface p4 type=patch
sudo ovs-vsctl set interface p4 options:peer=p8We use the namespace feature of Linux to create a virtual host.
sudo ip netns add h1
sudo ip link set p1 netns h1
sudo ip netns exec h1 ip addr add 192.168.10.11/24 dev p1
sudo ip netns exec h1 ifconfig p1 promisc up We used Ryu as the SDN controller and created a simple two-layer switch app.
cd ryu/ryu/app
ryu-manager --verbose simple_switch_13.py D-ITG is used to generate the legitimate traffic.80% of the legitimate traffic is TCP traffic and 20% is UDP traffic.
cd D-ITG-2.8.1-r1023/srcsudo ip netns exec h5 sudo ITGSend -T TCP -a 192.168.10.11 -o 512 -O 10 -t 200000 -lsudo ip netns exec h1 sudo ITGSend -T UDP -a 192.168.10.12 -o 96 -O 20 -t 200000 -l sudo ip netns exec h1 sudo ITGRecvWe use the Python tool Scapy to generate DDoS flooding attack traffic from zombie hosts to the victim.
cd DFAD-0.2/utils
sudo ip netns exec h5 python synFlood.py 192.168.10.11 10Start detector.
Description of parameters:
- -m M W
- -l lambda
- -t interval
- -i initial_n
- -s Switch
- -c Controller
sudo ./entropy -m 2 3 -l 3 -t 5 -i 10 -scd DFAD-0.2/utils
python Collector.py
python Draw.pySee more details in order
