SYN Flooding Attack Detection and Mitigation in SDN

Nan Haymarn Oo, A. Maw
DOI: 10.18178/wcse.2019.03.022 (https://doi.org/10.18178/wcse.2019.03.022)
Published in: Proceedings of 2019 the 9th International Workshop on Computer Science and Engineering
Source: Semanticscholar
Citations: 0

Abstract
Software-defined networking (SDN) separates the network architecture into a logical control layer and a data forwarding layer, with the aim of providing high flexibility, agility, and security. Although the controller manages the whole network with the ease of programmability, many security issues still exist in the SDN architecture. A DDoS attack can target the various layers of SDN. Defining the threshold used in detecting and mitigating the attack is one of the most important issues. Existing research emphasizes the detection of DDoS attacks with various mechanisms in SDN infrastructure. This paper provides a simple mechanism for both detection and mitigation of a common type of DDoS attack, the SYN flooding attack, via an sFlow analyzer with a dynamic threshold calculated using an adaptive threshold algorithm. It uses self-generated network traffic consisting of both normal and attack traffic and shows how the calculated dynamic threshold adapts to the incoming traffic. It also evaluates the performance of the detection and mitigation mechanism by detection rate, false alarm rate, false negative rate, and accuracy, in order to prove that our proposed system can detect a DDoS attack in a timely manner and reasonably mitigate it.