Dhawan M, Poddar R, Mahajan K, et al. SPHINX: Detecting Security Attacks in Software-Defined Networks[C]//NDSS. 2015, 15: 8-11.

本文很不错，写得十分详细，很贴近实用，作者是精通OF协议的。 本文目的提出一种检测已知和未知网络攻击并可实时发出警告，自动学习新的网络行为。

Shin S , Yegneswaran V , Porras P , et al. AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks[C]// Acm Sigsac Conference on Computer & Communications Security. ACM, 2013.

Zhou H , Wu C , Yang C , et al. SDN-RDCD: A Real-Time and Reliable Method for Detecting Compromised SDN Devices[J]. IEEE/ACM Transactions on Networking, 2018, PP(99).

本文目标是通过一个审计器检测被挟持的SDN设备，实验结果并未与其他进行比较，因为他声称自己的正确率有100,但是并没有提供检测具体哪个设备被挟持。

Kalkan K , Gur G , Alagoz F . SDNScore: A statistical defense mechanism against DDoS attacks in SDN environment[C]// 2017 IEEE Symposium on Computers and Communications (ISCC). IEEE, 2017.

Silva A S D . Atlantic : a framework for anomaly traffic detection, classification, and mitigation in SDN[C]// Network Operations & Management Symposium. IEEE, 2016.

本文提出一个架构用于在SDN中的异常检测与缓解，架构分为两个阶段：检测异常（利用Entropy），分类流（Machine Learning）,并提供了实现的源码。源码下载，这个人的github里只有这一个代码项目….下面详细记录这篇文章。

Niyaz Q , Sun W , Javaid A Y . A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN)[J]. Security & Safety, 2016, 4(12).

没有看的价值，跟深度学习完全扯不上关系，被标题和页码骗了。。

Alvarez Cid-Fuentes J , Szabo C , Falkner K . Adaptive Performance Anomaly Detection in Distributed Systems Using Online SVMs[J]. IEEE Transactions on Dependable and Secure Computing, 2018:1-1.

本文提出框架，通过周期地收集系统矩阵来提取特征，并采用在线SVM法训练和对特征进行分类从而识别异常行为：deadlock,livelock,unwanted synchronization,memory leaks。

Shone N , Ngoc T N , Phai V D , et al. A Deep Learning Approach to Network Intrusion Detection[J]. IEEE Transactions on Emerging Topics in Computational Intelligence, 2018, 2(1):41-50.

Garg S , Kaur K , Kumar N , et al. Hybrid Deep-Learning-Based Anomaly Detection Scheme for Suspicious Flow Detection in SDN: A Social Multimedia Perspective[J]. IEEE Transactions on Multimedia, 2019, 21(3):566-578.

Zeng H , Kazemian P , Varghese G , et al. Automatic test packet generation[C]// International Conference on Emerging Networking Experiments & Technologies. IEEE, 2012.

背景分析

当前特别需要自动化的网络测试工具

概念

• packets
• Switch
• Rules：defines how header space at ingress is transformed into regions of header space of egress.
• Rule Historyt:包被传送过程中记录自己所经历过的规则。
• Topology:拓扑结构

测试包生成算法过程

step1:生成一个all-pairs reachability table

Peng Z, Xu S, Yang Z, et al. FOCES: Detecting Forwarding Anomalies in Software Defined Networks[C]// IEEE International Conference on Distributed Computing Systems. 2018.

B类。本文提供一种在SDN中进行forwarding anomaly 检测方法，（只提供检测，并未提供定位与解决办法）

Carvalho L F , Fernandes G , Rodrigues J J P C , et al. A novel anomaly detection system to assist network management in SDN environment[C]// IEEE International Conference on Communications. IEEE, 2017.

Huijun P , Zhe S , Xuejian Z , et al. [J]. IEEE Access, 2018:1-1.

本文件基于knn的一个改进算法提出了一个异常检测算法。

Paxson, Vern. An analysis of using reflectors for distributed denial-of-service attacks[J]. ACM SIGCOMM Computer Communication Review, 2001, 31(3):38.

本文先讲解了DDoS攻击，再讲解基于reflector的DDoS攻击，最后基于各种网络协议的字段进行挨个分析，讲解哪些字段容易受到attacker的利用从而进行攻击。

Kalkan K , Altay L , Gur G , et al. JESS: Joint Entropy Based DDoS Defense Scheme in SDN[J]. IEEE Journal on Selected Areas in Communications, 2018:1-1.

该文提出了一种基于熵的DDoS攻击的检测与缓解办法。

Giotis K , Androulidakis G , Maglaris V . Leveraging SDN for Efficient Anomaly Detection and Mitigation on Legacy Networks[C]// Third European Workshop on Software Defined Networks. IEEE Computer Society, 2014.

A distributed filtering mechanism against DDoS attacks: ScoreForCore

Kalkan K, Alagöz F. A distributed filtering mechanism against DDoS attacks: ScoreForCore[J]. Computer Networks, 2016, 108: 199-209.

Crowd-GPS-Sec: Leveraging Crowdsourcing to Detect and Localize GPS Spoofing Attacks

Jansen K, Schäfer M, Moser D, et al. Crowd-GPS-Sec: Leveraging Crowdsourcing to Detect and Localize GPS Spoofing Attacks[C] IEEE Symposium on Security and> Privacy (S&P). 2018.