Early Detection of DDoS Attacks against SDN Controllers

被引:0
|
作者
Mousavi, Seyed Mohammad [1 ]
St-Hilaire, Marc [1 ]
机构
[1] Carleton Univ, Dept Syst & Comp Engn, Ottawa, ON, Canada
来源
2015 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS (ICNC) | 2015年
关键词
DDoS attack; SDN; Controller; Entropy;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
A Software Defined Network (SDN) is a new network architecture that provides central control over the network. Although central control is the major advantage of SDN, it is also a single point of failure if it is made unreachable by a Distributed Denial of Service (DDoS) Attack. To mitigate this threat, this paper proposes to use the central control of SDN for attack detection and introduces a solution that is effective and lightweight in terms of the resources that it uses. More precisely, this paper shows how DDoS attacks can exhaust controller resources and provides a solution to detect such attacks based on the entropy variation of the destination IP address. This method is able to detect DDoS within the first five hundred packets of the attack traffic.
引用
收藏
页码:77 / 81
页数:5
相关论文
共 50 条
  • [31] Early detection of DDoS based on φ-entropy in SDN networks
    Li, Runyu
    Wu, Bin
    PROCEEDINGS OF 2020 IEEE 4TH INFORMATION TECHNOLOGY, NETWORKING, ELECTRONIC AND AUTOMATION CONTROL CONFERENCE (ITNEC 2020), 2020, : 731 - 735
  • [32] SDN-Defend: A Lightweight Online Attack Detection and Mitigation System for DDoS Attacks in SDN
    Wang, Jin
    Wang, Liping
    SENSORS, 2022, 22 (21)
  • [33] Improving Resiliency Against DDoS Attacks by SDN and Multipath Orchestration of VNF Services
    Alparslan, Onur
    Gunes, Onur
    Hanay, Y. Sinan
    Arakawa, Shin'ichi
    Murata, Masayuki
    2017 23RD IEEE INTERNATIONAL SYMPOSIUM ON LOCAL AND METROPOLITAN AREA NETWORKS (LANMAN), 2017,
  • [34] An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers
    Gadze, James Dzisi
    Bamfo-Asante, Akua Acheampomaa
    Agyemang, Justice Owusu
    Nunoo-Mensah, Henry
    Opare, Kwasi Adu-Boahen
    TECHNOLOGIES, 2021, 9 (01)
  • [35] A Method of DDoS Attack Detection and Mitigation for the Comprehensive Coordinated Protection of SDN Controllers
    Wang, Jin
    Wang, Liping
    Wang, Ruiqing
    ENTROPY, 2023, 25 (08)
  • [36] Implementation of an SDN-based Security Defense Mechanism Against DDoS Attacks
    Lin, Hsiao-Chung
    Wang, Ping
    JOINT 2016 INTERNATIONAL CONFERENCE ON ECONOMICS AND MANAGEMENT ENGINEERING (ICEME 2016) AND INTERNATIONAL CONFERENCE ON ECONOMICS AND BUSINESS MANAGEMENT (EBM 2016), 2016, : 377 - 383
  • [37] DDOS attack detection in SDN: Method of attacks, detection techniques, challenges and research gaps
    Wabi, Abdullahi Aishatu
    Idris, Ismaila
    Olaniyi, Olayemi Mikail
    Ojeniyi, Joseph A.
    COMPUTERS & SECURITY, 2024, 139
  • [38] Generating extension strategy for mitigation of DoS attacks against SDN controllers
    Xu H.
    Liu X.
    Yang J.
    Ye Z.
    Xu, Hui (xuhui@mail.hbut.edu.cn), 1754, Totem Publishers Ltd (14) : 1754 - 1764
  • [39] A DDoS Vulnerability Analysis System against Distributed SDN Controllers in a Cloud Computing Environment
    Badotra, Sumit
    Tanwar, Sarvesh
    Bharany, Salil
    Rehman, Ateeq Ur
    Eldin, Elsayed Tag
    Ghamry, Nivin A.
    Shafiq, Muhammad
    ELECTRONICS, 2022, 11 (19)
  • [40] Detection and Defense Mechanisms Against DDoS Attacks: A Review
    Pimpalkar, Archana S.
    Patil, A. R. Bhagat
    2015 INTERNATIONAL CONFERENCE ON INNOVATIONS IN INFORMATION, EMBEDDED AND COMMUNICATION SYSTEMS (ICIIECS), 2015,
12345