Yabin Xu, Xiaoqiang Li, and Xiaowei Xu


Softwaredefined network, user behaviour perception, complex network, relative entropy


In order to address the security issue of SDN specifically, an abnormal user behaviour perception solution is proposed. In this solution, we obtained historical data of users’ network access behaviour from the flow-table entries of SDN, and applied complex network analysis to abnormal user behaviour perception. First, user’s network access behaviours are divided into some sub-clusters. Then, we quantified user’s network access behaviours by calculating their relative entropies, which are mapped to the appropriate network access behaviour patterns. Finally, users’ real-time network access behaviours within a certain period of time are identified accordingly. In addition, by calculating the ratio of the sum of relative entropy in abnormal user behaviour, sub-cluster and the sum of relative entropy in complex network also can sense the current network security situation. Comparing with traditional user behaviour perception methods, this solution has higher recognition accuracy and lower algorithm complexity. Thus, it effectively improved the computing efficiency.

Important Links:

Go Back