Mitigation and Detection of DDoS Attacks in Software Defined Networks

Abstract

The Software Defined Networking (SDN) paradigm is expected to heavily integrate into future networks. Enterprises have already started migrating their networks to SDNs. Billions of smart devices constituting the Internet of Things will be connected to these high speed networks and will be communicating over these networks. The ubiquity of these networks along with the user devices connected to them becomes of paramount importance for the end users. This work presents a SDN switch based module to detect a Denial Of Service attack on the network and its connected components. The module analyzes each packet that comes to the switch and allocates a fitness score to each packet. The packets are labeled as safe, risky or dangerous and then they are either allowed to pass, proxied via a buffering system, or dropped immediately respectively.