Entropy based earlier detection and mitigation of DDOS attack using stochastic method in SDN_IOT

Q4 Engineering
I. Varalakshmi, M. Thenmozhi
Measurement Sensors, vol. 39, Article 101873. Journal Article. Published 2025-03-27.
DOI: 10.1016/j.measen.2025.101873
https://www.sciencedirect.com/science/article/pii/S2665917425000674
Citations: 0

Abstract

Software-defined networking (SDN) is characterized by the separation of the control plane and the data plane in the network. Data packets are forwarded by the data plane, while routing decisions are made by the control plane. This separation of concerns allows for greater flexibility and programmability in the network. It is a promising technology that can allow IoT networks to perform better, be more secure, and be more manageable. However, there are some challenges that need to be addressed before SDN can be widely adopted in IoT environments. The requests can be made from a variety of sources, including compromised computers, botnets, and even legitimate users who have been tricked into visiting a malicious website. Detecting and mitigating DDoS attacks at an early stage is the goal of a stochastic method based on entropy that prevents failure of the SDN controller. The proposed Entropy based DDoS Detection algorithm (EDDA) detects the attack by analyzing entropy fluctuations in incoming data packets, thereby preserving the integrity of sensor-generated data, and dynamically configures rate-limiting mechanisms on network devices to restrict the rate at which packets can be transmitted. With our proposed method, DDoS attacks like TCP, UDP, and ICMP SYN Flood can be detected with high accuracy, using less computing power. As a result of the proposed solution, DDoS attacks are detected and mitigated using SDN-based techniques in a network of 70 hosts connected through 9 switches, with a high degree of detection accuracy and significantly low detection time. By integrating entropy as a measurement parameter, the proposed system effectively distinguishes between legitimate and malicious network flows, ensuring stable and secure data transmission in sensor-driven IoT networks.
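
The detection idea in the abstract, sketched as an added example (not the paper's EDDA implementation): Shannon entropy of destination addresses is computed per fixed-size packet window and compared against a baseline learned from earlier windows. The use of destination address as the feature, the window size, the threshold rule and the sample traffic are all assumptions made for illustration.

```python
import math
from collections import Counter
from statistics import mean, pstdev

WINDOW = 50           # packets per entropy window (assumed value)
BASELINE_WINDOWS = 4  # leading windows treated as attack-free (assumed)
K = 3.0               # alert when entropy < baseline mean - K * std (assumed)
MIN_STD = 0.05        # floor so a very flat baseline does not alert on noise

def shannon_entropy(values):
    """Shannon entropy (bits) of the value distribution in one window."""
    total = len(values)
    return -sum(c / total * math.log2(c / total)
                for c in Counter(values).values())

def detect(dst_addrs):
    """Return (threshold, alerts); each alert names the host to rate-limit."""
    windows = [dst_addrs[i:i + WINDOW]
               for i in range(0, len(dst_addrs) - WINDOW + 1, WINDOW)]
    entropies = [shannon_entropy(w) for w in windows]
    base = entropies[:BASELINE_WINDOWS]
    threshold = mean(base) - K * max(pstdev(base), MIN_STD)
    alerts = []
    for idx in range(BASELINE_WINDOWS, len(windows)):
        if entropies[idx] < threshold:
            # Traffic has collapsed onto few destinations: report the dominant
            # one as the candidate for a rate-limit rule on the switch.
            target, hits = Counter(windows[idx]).most_common(1)[0]
            alerts.append({"window": idx, "entropy": round(entropies[idx], 3),
                           "rate_limit_dst": target, "packets": hits})
    return threshold, alerts

# Constructed sample traffic: destination address of each observed packet.
HOSTS = [f"10.0.0.{n}" for n in range(1, 11)]

def window_from(counts):
    """Build one 50-packet window from per-host packet counts."""
    return [h for h, c in zip(HOSTS, counts) for _ in range(c)]

NORMAL = window_from([5] * 10)                 # evenly spread traffic
BURSTY = window_from([7, 3] + [5] * 8)         # benign skew, should not alert
FLOOD = window_from([1] * 6 + [41] + [1] * 3)  # 82% of packets to 10.0.0.7
SAMPLE = NORMAL * 4 + BURSTY + FLOOD * 2

if __name__ == "__main__":
    threshold, alerts = detect(SAMPLE)
    print(f"threshold = {threshold:.3f} bits")
    for alert in alerts:
        print(alert)
```

The mildly skewed window stays above the threshold, while both flood windows fall well below it and point at the same destination, which is the input a controller would need to install a rate limit.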
Source journal: Measurement Sensors (Engineering - Industrial and Manufacturing Engineering)
CiteScore: 3.10
Self-citation rate: 0.00%
Articles published: 184
Review time: 56 days