Design and Research on Malicious Web Sites Prevention Model Based on OpenFlow

doi:10.3969/j.issn.1671-1122.2017.01.012

Abstract

Abstract:

With the development of the Internet, more and more people perform the payment and transfer procedures in life and work at home by browsing Web sites or clients. Also with the increase of network frauds and other criminal cases, malicious Web site becomes the main means of fraud. SDN network has the ability to flexibly deploy cyber sources ,which can be used to prevent the malicious sites very well. This paper proposes a malicious Web site protection model based on OpenFlow which processes DNS access requests from client on Floodlight controller by using the characteristic that control and forwarding is separated in SDN, which ensures that the normal Web sites can be accessed on the premise of the malicious Web sites interception.

Key words: malicious Web site, SDN, OpenFlow, DNS

CLC Number:

TP393.0

Haoming LIANG, Chunlin CHEN, Xi LIU, Zhipeng LIU. Design and Research on Malicious Web Sites Prevention Model Based on OpenFlow[J]. Netinfo Security, 2017, 17(1): 77-83.

Figures/Tables 9

References 14

[1]	杨建成,侯章勇,张小进.SDN技术下的钓鱼网站智能检测与防护[J].闽江学院学报,2015(2):69-75.
[2]	朱良俊. 浅谈恶意网站的防护与清除[J].福建广播电视大学学报,2005(2):52-54.
[3]	何公道,王江民.我国恶意网站现状及防治对策研究[J].中国人民公安大学学报(自然科学版),2008(57):1-4.
[4]	王刚. 一种基于SDN技术的多区域安全云计算架构研究[J]. 信息网络安全,2015(9):20-24.
[5]	左青云,陈鸣,赵广松,等. 基于OpenFlow的SDN技术研究[J]. 软件学报,2013(5):1078-1097.
[6]	尹雪蓉,宋耀光,倪巍. 云计算环境下OpenFlow网络研究与实验探索[J]. 实验室研究与探索,2013,32(12):122-125.
[7]	Open Networking Foundation.Software-defined Networking:The New Norm for Networks [EB/OL]. , 2012-4-13.
[8]	左青云,张海粟. 基于OpenFlow的SDN网络安全分析与研究[J]. 信息网络安全,2015,(2):26-32.
[9]	郑礼熊,李青山,李素科,等.基于域名信息的钓鱼URL探测[J].计算机工程,2012,38(10):108-110.
[10]	MCKEOWN N, ANDERSON T, BALAKRISHNAN H, et al.OpenFlow: Enabling Innovation in Campus Networks[J]. ACM SIGCOMM Computer Communication Review, 2008, 38(2): 69-74.
[11]	SDNAP.SDNAP调查:SDN Controller哪个最受欢迎[EB/OL]., 2016-9-30.
[12]	何国锋. OpenFlow在下一代数据中心网络的应用研究[J].互联网天地,2013(3):27-28.
[13]	陈晓帆,黎志勇.基于软件定义网络的恶意网站防护系统[J].科技导报,2015,33(5):96-98.
[14]	齐宇. SDN安全研究[J]. 信息网络安全,2016(9):69-72.

[1]	Qiaoli YUE, Wanbo LV, Weihong HU, Haikuo ZHANG. Mitigating DDoS Attack Based on DNS Response Value Assessment [J]. Netinfo Security, 2019, 19(9): 56-60.
[2]	Yi WEN, Xingshu CHEN, Xuemei ZENG, Yonggang LUO. DNS Protocol Restore System for Security Analysis Based on Large-scale Network [J]. Netinfo Security, 2019, 19(5): 77-83.
[3]	Xiangquan SHI, Jing TAO, Baokang ZHAO. A Network Access Control System in Virtualized Environments [J]. Netinfo Security, 2019, 19(10): 1-9.
[4]	Chengzhe LAI, Wenjuan WANG. Secure Mobility Management Framework with Privacy Preservation for Vehicle Platoon [J]. Netinfo Security, 2018, 18(7): 36-46.
[5]	Qinghe DONG, Qian HE, Bingcheng JIANG, Peng LIU. Scheme of Cloud Database Oriented Multi-tenant Attribute-based Security Isolation and Data Protection [J]. Netinfo Security, 2018, 18(7): 60-68.
[6]	Weijun ZHU, Yongwen FAN, Shaohuan BAN. A Mimic-automaton-based Model for the MSISDN Virtualization and Its Method for Verifying the Security [J]. Netinfo Security, 2018, 18(4): 15-22.
[7]	Zhanzhen WEI, Shourong WANG, Zhaobin LI, Weilong LI. Research on SDN Terminal Access Control Based on OpenFlow [J]. Netinfo Security, 2018, 18(4): 23-31.
[8]	Yi ZHU, Xingshu CHEN, Jinghan CHEN, Guolin SHAO. DNS Health Assessment Based on Fuzzy Comprehensive Evaluation [J]. Netinfo Security, 2018, 18(4): 65-71.
[9]	LI Jianfeng, LIU Yuan, ZHANG Hao, WANG Xiaofeng. Research and Implementation of Routing Performance Optimization for IaaS Cloud Platform [J]. 信息网络安全, 2017, 17(9): 10-15.
[10]	MEN Hong, YAO Shunli. Research on a Framework Based on Virtual Cloud Network for Monitoring Safe Production [J]. 信息网络安全, 2017, 17(3): 14-20.
[11]	XU Yang, CHEN Yi, HE Rui, XIE Xiaoyao. Research of DDoS Detection and Multi-layer Defense in SDN [J]. 信息网络安全, 2017, 17(12): 22-28.
[12]	QI Yu. Research on the Security of SDN [J]. 信息网络安全, 2016, 16(9): 69-72.
[13]	CHEN Yingcong, CHEN Guangqing, CHEN Zhiming, WAN Neng. A Binary Code Analysis of Vulnerability Scanning Method for SDN Smart Power Grid [J]. 信息网络安全, 2016, 16(7): 35-39.
[14]	WU Zehui, WEI Qiang. A Secure Fault Recovery Approach Using OwnShip-Proof Model for Controller Cluster of Software Defined Networks [J]. 信息网络安全, 2016, 16(12): 13-18.
[15]	WANG Gang. Research on Multi-zone Secure Cloud Computing Fabrics Based on SDN Technology [J]. 信息网络安全, 2015, 15(9): 20-24.