SECO: SDN sEcure COntroller algorithm for detecting and defending denial of service attacks

Abstract

Software Defined Network (SDN) brings additional flexibility to the traditional network allowing the implementation of intelligent information processing. SDN introduces a new architecture, where the controller acts as the brain of the network controlling several tasks such as routing, load balancing and providing the required quality of service (QoS). However, having a centralized controller makes the network vulnerable in terms of security. This paper introduces SDN sEcure COntroller (SECO) a novel and simple detect and defense algorithm, running in the controller, for improving SDN security features under Denial of Service (DoS) attacks. The network performance during attack is tested with and without the SECO algorithm. In this paper we show by means of simulations that the DoS attacks can degrade the controller's performance and the proposed algorithm could significantly reduce the impact of such DoS attacks.