Defense mechanisms against DDoS attack based on entropy in SDN-cloud using POX controller

被引:2
作者
Anupama Mishra
Neena Gupta
B. B. Gupta
机构
[1] Gurukul Kangri Vishwavidyalaya,Department of Computer Science
[2] Niational Institute of Technology Kurukshetra,Department of Computer Engineering
[3] Asia University,Department of Computer Science and Information Engineering
[4] Macquarie University,undefined
来源
Telecommunication Systems | 2021年 / 77卷
关键词
Cloud computing; DDoS; Entropy; Mininet; POX controller; Software defined network;
D O I
暂无
中图分类号
学科分类号
摘要
Software defined networks (SDNs) in a combination of cloud computing are the best amalgamation for the researchers and industry. Though, these unique networking paradigms have been accepted world widely, they are hampered by various security threats. Among all the threats, the attack, Distributed Denial-of-Service (DDoS) is the most severe attack into the SDN-Cloud. In spite of, so many developments in tools and technology, it is still hard to detect the DDoS attack. Therefore, till now there is no efficient solution to cope up with this problem. In our research work, we proposed a defensive mechanism for DDoS attacks that is based on variations in entropy between DDoS attack and a normal traffic with a low computational overhead. We also proposed a mitigation technique to reduce the severity of the attack. On comparing with the existing DDoS mechanisms, our proposed method holds three advantages as (i) detection rate is high, (ii) false positive rate is low and (iii) the mitigation ability. Simulations are carried out in mininet emulator with POX controller and open flow switches at different attack strength. Our proposed mechanism has achieved a high detection rate with 98.2% over variable attack rate along with 0.04% false positive rate.
引用
收藏
页码:47 / 62
页数:15
相关论文
共 16 条
  • [1] Hussein A(2020)Software-defined networking (SDN): The security review Journal of Cyber Security Technology 4 1-66
  • [2] Alsmadi I(2015)Security of software defined networks: A survey Computers & Security 53 79-108
  • [3] Dianxiang Xu(2020)SCEF: A model for prevention of DDoS attacks from the cloud International Journal of Cloud Applications and Computing (IJCAC) 10 67-80
  • [4] Shidaganti GI(2017)ArOMA: An SDN based autonomic DDoS mitigation framework Computers & Security 70 482-499
  • [5] Sahay R(2018)Early detection of ddos attacks against software defined network controllers Journal of Network and Systems Management 26 573-591
  • [6] Mousavi SM(2016)SD-Anti-DDoS: Fast and efficient DDoS defense in software-defined networks Journal of Network and Computer Applications 68 65-79
  • [7] Marc S-H(2015)DDoS attack protection in the era of cloud computing and software-defined networking Computer Networks 81 308-319
  • [8] Cui Y(2019)An efficient privacy-preserving approach for secure verifiable outsourced computing on untrusted platforms International Journal of Cloud Applications and Computing (IJCAC) 9 79-98
  • [9] Wang B(2019)A novel meta-information management system for SaaS International Journal of Cloud Applications and Computing (IJCAC) 9 1-21
  • [10] Olakanmi OO(2015)DDoS attack detection using fast entropy approach on flow-based network traffic Procedia Computer Science 50 30-36
12