This paper proposes an SDN address hopping algorithm based on flow count synchronization to defend against DDoS
attacks. The controller and the client use the DH algorithm to negotiate to generate a hopping address pool, and use RSA
to verify the legitimacy of the negotiating parties, ensuring the security of the hopping address pool, and solving the
problem that the hopping pattern is easily intercepted and cracked. The flow count is used as an address hopping trigger
condition, and the address hopping is selected according to the number of data packets sent in the network, which can
quickly respond to large-flow DDoS attacks. Experiments have verified the effectiveness of its defense against DDoS
attacks.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.