A Dynamic Hybrid Timeout Method to Secure Flow Tables Against DDoS Attacks in SDN

Balram Sooden, Mohammad Reza Abbasi
2018 First International Conference on Secure Cyber Computing and Communication (ICSCCC), published 2018-12-01
DOI: 10.1109/ICSCCC.2018.8703307 (https://doi.org/10.1109/ICSCCC.2018.8703307)
Citations: 4

Abstract

Distributed Denial of Service (DDoS) attacks are one of the major threats to network-based services today. Software Defined Networks (SDN) have the potential to evolve into a much more secure network paradigm than traditional networks, because the whole network is controlled by a central controller that has a complete view of it. Because SDN is a considerably new concept, certain research problems related to it still need to be addressed. Our work focuses on having the controller collect flow statistics that record the complete current and historical dynamics of the network, enabling it to detect and prevent anomalous behavior. Another research problem addressed in this paper stems from the Ternary Content Addressable Memory (TCAM) limitation of SDN-based switches, which can be exploited by malicious hosts generating discrete network flows. To address this problem we propose the Dynamic Hybrid Timeout Method. It uses a blend of idle and hard timeout methods, in addition to the Peer Support Strategy, to enhance the durability of TCAM memory during flow-table-overloading DDoS attacks. The simulation results show that the Dynamic Hybrid Timeout Method enhances the performance of the Peer Support Strategy and adds durability in flow table memory utilization.