Detection and Mitigation of DDoS in SDN

Abstract

The authors have modelled a DDoS prevention mechanism for DDoS attacks occurring in same or different domains, with help of controller in Software Defined Networking. The controllers are implemented using Ryu and Open Flow protocol. The topology for our framework consisting of controllers, switches and hosts is implemented using Mininet which emulates the network effectively. Controllers are programmed to identify victims and attackers and apply defense mechanism accordingly. The defense mechanisms used are ingress, egress and pushback after validating packet legitimacy. Ingress filtering is applied if the attacker is found to be in the same domain while egress followed by ingress is applied when the attacker is found to be of the other domain, after receiving a pushback request. The model proves to give fairly accurate results.