Early Detection of DDoS Attacks against SDN Controllers

被引:0
|
作者
Mousavi, Seyed Mohammad [1 ]
St-Hilaire, Marc [1 ]
机构
[1] Carleton Univ, Dept Syst & Comp Engn, Ottawa, ON, Canada
来源
2015 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS (ICNC) | 2015年
关键词
DDoS attack; SDN; Controller; Entropy;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
A Software Defined Network (SDN) is a new network architecture that provides central control over the network. Although central control is the major advantage of SDN, it is also a single point of failure if it is made unreachable by a Distributed Denial of Service (DDoS) Attack. To mitigate this threat, this paper proposes to use the central control of SDN for attack detection and introduces a solution that is effective and lightweight in terms of the resources that it uses. More precisely, this paper shows how DDoS attacks can exhaust controller resources and provides a solution to detect such attacks based on the entropy variation of the destination IP address. This method is able to detect DDoS within the first five hundred packets of the attack traffic.
引用
收藏
页码:77 / 81
页数:5
相关论文
共 50 条
  • [21] An SDN-based Approach For Defending Against Reflective DDoS Attacks
    Lukaseder, Thomas
    StOlzle, Kevin
    Kleber, Stephan
    Erb, Benjamin
    Kargl, Frank
    PROCEEDINGS OF THE 2018 IEEE 43RD CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN), 2018, : 299 - 302
  • [22] A Collaborative Intrusion Detection System against DDoS for SDN
    Chen, Xiaofan
    Yu, Shunzheng
    IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2016, E99D (09) : 2395 - 2399
  • [23] A Detection Method for DDoS Attack against SDN Controller
    Meng, Linhai
    Guo, Xiao
    PROCEEDINGS OF THE 4TH ANNUAL INTERNATIONAL CONFERENCE ON MATERIAL ENGINEERING AND APPLICATION (ICMEA 2017), 2017, 146 : 292 - 296
  • [24] The DDoS attacks detection through machine learning and statistical methods in SDN
    Afsaneh Banitalebi Dehkordi
    MohammadReza Soltanaghaei
    Farsad Zamani Boroujeni
    The Journal of Supercomputing, 2021, 77 : 2383 - 2415
  • [25] The DDoS attacks detection through machine learning and statistical methods in SDN
    Dehkordi, Afsaneh Banitalebi
    Soltanaghaei, MohammadReza
    Boroujeni, Farsad Zamani
    JOURNAL OF SUPERCOMPUTING, 2021, 77 (03): : 2383 - 2415
  • [26] SDN-based detection and mitigation of DDoS attacks on smart homes
    Garba, Usman Haruna
    Toosi, Adel N.
    Pasha, Muhammad Fermi
    Khan, Suleman
    COMPUTER COMMUNICATIONS, 2024, 221 : 29 - 41
  • [27] DNS Amplification Based DDoS Attacks in SDN Environment: Detection and Mitigation
    Gupta, Vishal
    Kochar, Amrit
    Saharan, Shail
    Kulshrestha, Rakhee
    2019 IEEE 4TH INTERNATIONAL CONFERENCE ON COMPUTER AND COMMUNICATION SYSTEMS (ICCCS 2019), 2019, : 473 - 478
  • [28] DDoS Attacks and Flash Event Detection Based on Flow Characteristics in SDN
    Sun, Guozi
    Jiang, Wenti
    Gu, Yu
    Ren, Danni
    Li, Huakang
    2018 15TH IEEE INTERNATIONAL CONFERENCE ON ADVANCED VIDEO AND SIGNAL BASED SURVEILLANCE (AVSS), 2018, : 556 - 561
  • [29] Modeling DDOS attacks in sdn and detection using random forest classifier
    Abdullahi Wabi, Aishatu
    Idris, Ismail
    Mikail Olaniyi, Olayemi
    Joseph, A.
    Surajudeen Adebayo, Olawale
    Journal of Cyber Security Technology, 2024, 8 (04) : 229 - 242
  • [30] A Detection Method for a Novel DDoS Attack against SDN Controllers by Vast New Low-Traffic Flows
    Dong, Ping
    Du, Xiaojiang
    Zhang, Hongke
    Xu, Tong
    2016 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC), 2016,
12345