Detection and Mitigation of DDoS Attacks Using Conditional Entropy in Software-defined Networking

被引:11
|
作者
Xuanyuan, Ming [1 ]
Ramsurrun, Visham [1 ]
Seeam, Amar [1 ]
机构
[1] Middlesex Univ, Sch Sci & Technol, Flic En Flac, Mauritius
来源
2019 11TH INTERNATIONAL CONFERENCE ON ADVANCED COMPUTING (ICOAC 2019) | 2019年
关键词
DDoS; DDoS detection; Mitigation; SDN; Entropy;
D O I
10.1109/ICoAC48765.2019.246818
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
Software-defined networking (SDN) is a relatively new technology that promotes network revolution. The most distinct characteristic of SDN is the transformation of control logic from the basic packet forwarding equipment to a centralized management unit called controller. However, the centralized control of the network resources is like a double-edged sword, for it not only brings beneficial features but also introduces single point of failure if the controller is under distributed denial of service (DDoS) attacks. In this paper, we introduce a light-weight approach based on conditional entropy to improve the SDN security with an aim of defending DDoS at the early stage. The experimental results show that the proposed method has a high average detection rate of 99.372%.
引用
收藏
页码:66 / 71
页数:6
相关论文
共 50 条
  • [21] DDoS protection with stateful software-defined networking
    Rebecchi, Filippo
    Boite, Julien
    Nardin, Pierre-Alexis
    Bouet, Mathieu
    Conan, Vania
    INTERNATIONAL JOURNAL OF NETWORK MANAGEMENT, 2019, 29 (01)
  • [22] Misreporting Attacks in Software-Defined Networking
    Burke, Quinn
    McDaniel, Patrick
    La Porta, Thomas
    Yu, Mingli
    He, Ting
    SECURITY AND PRIVACY IN COMMUNICATION NETWORKS (SECURECOMM 2020), PT I, 2020, 335 : 276 - 296
  • [23] Machine learning assisted snort and zeek in detecting DDoS attacks in software-defined networking
    AbdulRaheem M.
    Oladipo I.D.
    Imoize A.L.
    Awotunde J.B.
    Lee C.-C.
    Balogun G.B.
    Adeoti J.O.
    International Journal of Information Technology, 2024, 16 (3) : 1627 - 1643
  • [24] Detecting Adversarial DDoS Attacks in Software-Defined Networking Using Deep Learning Techniques and Adversarial Training
    Nugraha, Beny
    Kulkarni, Naina
    Gopikrishnan, Akash
    PROCEEDINGS OF THE 2021 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE (IEEE CSR), 2021, : 448 - 454
  • [25] A Novel Hybrid Flow-based Handler with DDoS Attacks in Software-Defined Networking
    Phan, Trung V.
    Nguyen Khac Bao
    Park, Minho
    2016 INT IEEE CONFERENCES ON UBIQUITOUS INTELLIGENCE & COMPUTING, ADVANCED & TRUSTED COMPUTING, SCALABLE COMPUTING AND COMMUNICATIONS, CLOUD AND BIG DATA COMPUTING, INTERNET OF PEOPLE, AND SMART WORLD CONGRESS (UIC/ATC/SCALCOM/CBDCOM/IOP/SMARTWORLD), 2016, : 350 - 357
  • [26] A DDoS Attack Detection and Mitigation With Software-Defined Internet of Things Framework
    Yin, Da
    Zhang, Lianming
    Yang, Kun
    IEEE ACCESS, 2018, 6 : 24694 - 24705
  • [27] Real-Time Detection and Mitigation of Distributed Denial of Service (DDoS) Attacks in Software Defined Networking (SDN)
    Lawal, Babatunde Hafis
    At, Nuray
    2018 26TH SIGNAL PROCESSING AND COMMUNICATIONS APPLICATIONS CONFERENCE (SIU), 2018,
  • [28] Entropy-Based Approach to Detect DDoS Attacks on Software Defined Networking Controller
    Aladaileh, Mohammad
    Anbar, Mohammed
    Hasbullah, Iznan H.
    Sanjalawe, Yousef K.
    Chong, Yung-Wey
    CMC-COMPUTERS MATERIALS & CONTINUA, 2021, 69 (01): : 373 - 391
  • [29] Entropy-based approach to detect DDoS attacks on software defined networking controller
    Aladaileh, Mohammad
    Anbar, Mohammed
    Hasbullah, Iznan H.
    Sanjalawe, Yousef K.
    Chong, Yung-Wey
    Computers, Materials and Continua, 2021, 69 (01): : 373 - 391
  • [30] Causal Analysis for Software-Defined Networking Attacks
    Ujcich, Benjamin E.
    Jero, Samuel
    Skowyra, Richard
    Bates, Adam
    Sanders, William H.
    Okhravi, Hamed
    PROCEEDINGS OF THE 30TH USENIX SECURITY SYMPOSIUM, 2021, : 3183 - 3200
12345