Detection and Mitigation of DDoS Attacks Using Conditional Entropy in Software-defined Networking

被引：9

作者：

Xuanyuan, Ming ^{[1
]}

Ramsurrun, Visham ^{[1
]}

Seeam, Amar ^{[1
]}

机构：

[1] Middlesex Univ, Sch Sci & Technol, Flic En Flac, Mauritius

来源：

2019 11TH INTERNATIONAL CONFERENCE ON ADVANCED COMPUTING (ICOAC 2019) | 2019年

关键词：

DDoS; DDoS detection; Mitigation; SDN; Entropy;

D O I：

10.1109/ICoAC48765.2019.246818

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

Software-defined networking (SDN) is a relatively new technology that promotes network revolution. The most distinct characteristic of SDN is the transformation of control logic from the basic packet forwarding equipment to a centralized management unit called controller. However, the centralized control of the network resources is like a double-edged sword, for it not only brings beneficial features but also introduces single point of failure if the controller is under distributed denial of service (DDoS) attacks. In this paper, we introduce a light-weight approach based on conditional entropy to improve the SDN security with an aim of defending DDoS at the early stage. The experimental results show that the proposed method has a high average detection rate of 99.372%.

引用

页码：66 / 71

页数：6

共 50 条

[1] Detection of DDoS Attacks in Software Defined Networking Using Entropy
Fan, Cong
Kaliyamurthy, Nitheesh Murugan
Chen, Shi
Jiang, He
Zhou, Yiwen
Campbell, Carlene
[J]. APPLIED SCIENCES-BASEL, 2022, 12 (01):
[2] Addressing Spoofed DDoS Attacks in Software-defined Networking
Swami, Rochak
Dave, Mayank
Ranga, Virender
[J]. 2021 6TH INTERNATIONAL CONFERENCE FOR CONVERGENCE IN TECHNOLOGY (I2CT), 2021,
[3] Improved Network Monitoring Using Software-Defined Networking for DDoS Detection and Mitigation Evaluation
Ramprasath, J.
Seethalakshmi, V.
[J]. WIRELESS PERSONAL COMMUNICATIONS, 2021, 116 (03) : 2743 - 2757
[4] Improved Network Monitoring Using Software-Defined Networking for DDoS Detection and Mitigation Evaluation
J. Ramprasath
V. Seethalakshmi
[J]. Wireless Personal Communications, 2021, 116 : 2743 - 2757
[5] FADM: DDoS Flooding Attack Detection and Mitigation System in Software-Defined Networking
Hu, Dingwen
Hong, Peilin
Chen, Yixin
[J]. GLOBECOM 2017 - 2017 IEEE GLOBAL COMMUNICATIONS CONFERENCE, 2017,
[6] Review on Detection Techniques against DDoS Attacks on a Software-Defined Networking Controller
Zubaydi, Haider Dhia
Anbar, Mohammed
Wey, Chong Yung
[J]. 2017 PALESTINIAN INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY (PICICT), 2017, : 10 - 16
[7] An Entropy-Based Distributed DDoS Detection Mechanism in Software-Defined Networking
Wang, Rui
Jia, Zhiping
Ju, Lei
[J]. 2015 IEEE TRUSTCOM/BIGDATASE/ISPA, VOL 1, 2015, : 310 - 317
[8] HTTP DDoS flooding attack mitigation in software-defined networking
Park, Sungho
Kim, Youngjun
Choi, Hyungoo
Kyung, Yeunwoong
Park, Jinwoo
[J]. IEICE Transactions on Information and Systems, 2021, E104D (09) : 1496 - 1499
[9] HTTP DDoS Flooding Attack Mitigation in Software-Defined Networking
Park, Sungho
Kim, Youngjun
Choi, Hyungoo
Kyung, Yeunwoong
Park, Jinwoo
[J]. IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2021, E104D (09): : 1496 - 1499
[10] Towards DDoS detection mechanisms in Software-Defined Networking
Cui, Yunhe
Qian, Qing
Guo, Chun
Shen, Guowei
Tian, Youliang
Xing, Huanlai
Yan, Lianshan
[J]. JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2021, 190

← 1 2 3 4 5 →