A Novel Feature-Based DDoS Detection and Mitigation Scheme in SDN Controller Using Queueing Theory

被引:9
作者
Tahmasebi, Ava [1 ]
Salahi, Ahmad [2 ]
Pourmina, Mohammad Ali [1 ]
机构
[1] Islamic Azad Univ, Fac Mech Elect & Comp Engn, Sci & Res Branch, Tehran, Iran
[2] Iran Telecommun Res Ctr, Commun Technol Inst, Tehran, Iran
关键词
Software defined network (SDN); Feature extraction; Distributed denial of service (DDoS); Queueing theory; Controller utilization; ATTACK;
D O I
10.1007/s11277-020-07954-3
中图分类号
TN [电子技术、通信技术];
学科分类号
0809 ;
摘要
Software defined network (SDN) has attracted great interests as an emergent paradigm which aims to centralize the configuration of network devices by decoupling control layer and data layer. One considerable challenge in SDN is to protect against multiple attacks generated by distributed denial of service (DDoS) bots which attempt to make SDN controllers unavailable. The goal of this research is to propose a novel detect and mitigate DDoS attack in SDN controllers using traffic monitoring. Besides the advantages of queueing theory based model is exploited to evaluate the arrival flows and leveraging robust features and entropy, a distance-based classification is designed accurately to detect malicious packets from legitimate packets. The experimental results vividly demonstrate that our proposed detection scheme effectively yields high accuracy as well as high-efficiency controller utilization.
引用
收藏
页码:1985 / 2006
页数:22
相关论文
共 25 条
[1]   DDoS Detection System: Using a Set of Classification Algorithms Controlled by Fuzzy Logic System in Apache Spark [J].
Alsirhani, Amjad ;
Sampalli, Srinivas ;
Bodorik, Peter .
IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2019, 16 (03) :936-949
[2]  
Bari MF, 2013, INT CONF NETW SER, P18, DOI 10.1109/CNSM.2013.6727805
[3]   Inter-function anomaly analysis for correct SDN/NFV deployment [J].
Basile, Cataldo ;
Canavese, Daniele ;
Lioy, Antonio ;
Pitscheider, Christian ;
Valenza, Fulvio .
INTERNATIONAL JOURNAL OF NETWORK MANAGEMENT, 2016, 26 (01) :25-43
[4]  
Bera P, 2016, PROCEEDINGS OF 2016 5TH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND NETWORK TECHNOLOGY (ICCSNT), P497, DOI 10.1109/ICCSNT.2016.8070208
[5]   SDN-Based SYN ProxyA Solution to Enhance Performance of Attack Mitigation Under TCP SYN Flood [J].
Dang Van Tuyen ;
Truong Thu Huong ;
Nguyen Huu Thanh ;
Pham Ngoc Nam ;
Nguyen Ngoc Thanh ;
Marshall, Alan .
COMPUTER JOURNAL, 2019, 62 (04) :518-534
[6]   A Game Theoretical Based System Using Holt-Winters and Genetic Algorithm With Fuzzy Logic for DoS/DDoS Mitigation on SDN Networks [J].
De Assis, Marcos V. O. ;
Hamamoto, Anderson H. ;
Abrao, Taufik ;
Proenca, Mario Lemes, Jr. .
IEEE ACCESS, 2017, 5 :9485-9496
[7]   Towards an Elastic Distributed SDN Controller [J].
Dixit, Advait ;
Hao, Fang ;
Mukherjee, Sarit ;
Lakshman, T. V. ;
Kompella, Ramana .
ACM SIGCOMM COMPUTER COMMUNICATION REVIEW, 2013, 43 (04)
[8]   Semi-Supervised K-Means DDoS Detection Method Using Hybrid Feature Selection Algorithm [J].
Gu, Yonghao ;
Li, Kaiyue ;
Guo, Zhenyang ;
Wang, Yongfei .
IEEE ACCESS, 2019, 7 :64351-64365
[9]  
Jarschel M., 2011, Proceedings of the 2011 23rd International Teletraffic Congress (ITC 2011), P1
[10]   JESS: Joint Entropy-Based DDoS Defense Scheme in SDN [J].
Kalkan, Kubra ;
Altay, Levent ;
Gur, Gurkan ;
Alagoz, Fatih .
IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, 2018, 36 (10) :2358-2372