{"title":"Detection and Mitigation of Malicious DDoS Floods in Software Defined Networks","authors":"","doi":"10.33140/jeee.02.02.07","DOIUrl":null,"url":null,"abstract":"The advent of software-defined networking (SDN) has significantly transformed network management by offering modular control and data plane characteristics, enabling adaptability and flexibility in managing networks. This innovation entails the separation of control and data plane elements to facilitate efficient network administration. Nevertheless, the centralization resulting from control plane separation renders SDN vulnerable to cyber threats, particularly Distributed Denial-of-service (DDoS) attacks that target SDN controllers. Recently, studies have highlighted the relevance of entropy-based attack detection techniques compared to alternative methods. However, relying solely on entropy may overlook detection in specific variables, such as flow specification variations. To address the limitations of entropy-based detection systems, we developed a DDoS attack detection framework within the SDN control plane, integrating the packet flow initiation and specification properties with an entropy-based algorithm to ensure accurate attack detection measures. Our lightweight framework aims to mitigate DDoS attacks by detecting their impact in the early stages, thus preventing SDN controllers from being hijacked due to excessive packet flooding. The simulation is employed in Mininet network simulator to implement, and the testbed is created by focusing UDP flood attacks in widely used data-centric tree topologies. The experimental results demonstrate that our proposed solution effectively detects and mitigates novel parameters of SDN-based DDoS floods within 150 packets while maintaining minimal delay and high accuracy","PeriodicalId":39047,"journal":{"name":"Journal of Electrical and Electronics Engineering","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Electrical and Electronics Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.33140/jeee.02.02.07","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Engineering","Score":null,"Total":0}
引用次数: 0
Abstract
The advent of software-defined networking (SDN) has significantly transformed network management by offering modular control and data plane characteristics, enabling adaptability and flexibility in managing networks. This innovation entails the separation of control and data plane elements to facilitate efficient network administration. Nevertheless, the centralization resulting from control plane separation renders SDN vulnerable to cyber threats, particularly Distributed Denial-of-service (DDoS) attacks that target SDN controllers. Recently, studies have highlighted the relevance of entropy-based attack detection techniques compared to alternative methods. However, relying solely on entropy may overlook detection in specific variables, such as flow specification variations. To address the limitations of entropy-based detection systems, we developed a DDoS attack detection framework within the SDN control plane, integrating the packet flow initiation and specification properties with an entropy-based algorithm to ensure accurate attack detection measures. Our lightweight framework aims to mitigate DDoS attacks by detecting their impact in the early stages, thus preventing SDN controllers from being hijacked due to excessive packet flooding. The simulation is employed in Mininet network simulator to implement, and the testbed is created by focusing UDP flood attacks in widely used data-centric tree topologies. The experimental results demonstrate that our proposed solution effectively detects and mitigates novel parameters of SDN-based DDoS floods within 150 packets while maintaining minimal delay and high accuracy
期刊介绍:
Journal of Electrical and Electronics Engineering is a scientific interdisciplinary, application-oriented publication that offer to the researchers and to the PhD students the possibility to disseminate their novel and original scientific and research contributions in the field of electrical and electronics engineering. The articles are reviewed by professionals and the selection of the papers is based only on the quality of their content and following the next criteria: the papers presents the research results of the authors, the papers / the content of the papers have not been submitted or published elsewhere, the paper must be written in English, as well as the fact that the papers should include in the reference list papers already published in recent years in the Journal of Electrical and Electronics Engineering that present similar research results. The topics and instructions for authors of this journal can be found to the appropiate sections.