Early Detection of DDoS Attacks against SDN Controllers

被引:0
|
作者
Mousavi, Seyed Mohammad [1 ]
St-Hilaire, Marc [1 ]
机构
[1] Carleton Univ, Dept Syst & Comp Engn, Ottawa, ON, Canada
来源
2015 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS (ICNC) | 2015年
关键词
DDoS attack; SDN; Controller; Entropy;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
A Software Defined Network (SDN) is a new network architecture that provides central control over the network. Although central control is the major advantage of SDN, it is also a single point of failure if it is made unreachable by a Distributed Denial of Service (DDoS) Attack. To mitigate this threat, this paper proposes to use the central control of SDN for attack detection and introduces a solution that is effective and lightweight in terms of the resources that it uses. More precisely, this paper shows how DDoS attacks can exhaust controller resources and provides a solution to detect such attacks based on the entropy variation of the destination IP address. This method is able to detect DDoS within the first five hundred packets of the attack traffic.
引用
下载
收藏
页码:77 / 81
页数:5
相关论文
共 50 条
  • [41] Applying NFV/SDN in Mitigating DDoS Attacks
    Zhou, Luying
    Guo, Huaqun
    TENCON 2017 - 2017 IEEE REGION 10 CONFERENCE, 2017, : 2061 - 2066
  • [42] A Resource Utilization Measurement Detection against DDoS Attacks
    Chen, Chin-Ling
    Chen, Hsin-Chiao
    2016 9TH INTERNATIONAL CONGRESS ON IMAGE AND SIGNAL PROCESSING, BIOMEDICAL ENGINEERING AND INFORMATICS (CISP-BMEI 2016), 2016, : 1938 - 1943
  • [43] Detection and Reaction against DDoS Attacks in Cellular Networks
    Rekhis, Slim
    Chouchane, Alaaedine
    Boudriga, Noureddine
    2008 3RD INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGIES: FROM THEORY TO APPLICATIONS, VOLS 1-5, 2008, : 2520 - 2525
  • [44] Detection and mitigation of DDoS attacks based on multi-dimensional characteristics in SDN
    Wang K.
    Fu Y.
    Duan X.
    Liu T.
    Scientific Reports, 14 (1)
  • [45] Real-Time Detection of DDoS Attacks Based on Random Forest in SDN
    Ma, Ruikui
    Wang, Qiuqian
    Bu, Xiangxi
    Chen, Xuebin
    APPLIED SCIENCES-BASEL, 2023, 13 (13):
  • [46] Detection of DDoS attacks in SDN-based VANET using optimized TabNet
    Setitra, Mohamed Ali
    Fan, Mingyu
    COMPUTER STANDARDS & INTERFACES, 2024, 90
  • [47] Detecting DDoS Attacks through AI driven SDN Intrusion Detection System
    Salatino, Francesco
    Spina, Mattia Giovanni
    Tropea, Mauro
    De Rango, Floriano
    2024 IEEE 21ST CONSUMER COMMUNICATIONS & NETWORKING CONFERENCE, CCNC, 2024, : 990 - 993
  • [48] Using SDN Approach to Secure Cloud Servers Against Flooding Based DDoS Attacks
    Guesmi, Houda
    Saidane, Leila Azouz
    2017 25TH INTERNATIONAL CONFERENCE ON SYSTEMS ENGINEERING (ICSENG), 2017, : 309 - 315
  • [49] Self-Organized SDN Controller Cluster Conformations Against DDoS Attacks Effects
    Macedo, Ricardo
    de Castro, Rafael
    Santos, Aldri
    Ghamri-Doudane, Yacine
    Nogueira, Michele
    2016 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM), 2016,
  • [50] Detection and mitigation of DDoS in SDN
    Pande, Bhavika
    Bhagat, Gargi
    Priya, Shanu
    Agrawal, Himanshu
    2018 ELEVENTH INTERNATIONAL CONFERENCE ON CONTEMPORARY COMPUTING (IC3), 2018, : 371 - 373
12345