SNORT based early DDoS detection system using Opendaylight and open networking operating system in software defined networking

Cited by: 0
Authors
Sumit Badotra
Surya Narayan Panda
Affiliation
[1] Chitkara University,Chitkara University Institute of Engineering and Technology
Source
Cluster Computing | 2021 / Volume 24
Keywords
DDoS attacks; SDN controllers; Opendaylight; Open network operating system; Security;
DOI
Not available
Abstract
Software-defined networking (SDN) is a networking approach that provides many advantages by separating the intelligence of the network (the controller) from the underlying network infrastructure (the data plane). But this separation also gives rise to many security concerns, so protecting the network from various attacks is becoming mandatory. Distributed Denial of Service (DDoS) in SDN is one such attack that is becoming a hurdle to its growth. Before DDoS attacks can be mitigated, the primary step is to detect them. In this paper, an early DDoS detection tool is created using the SNORT IDS (Intrusion Detection System). This tool is integrated with popularly used SDN controllers (Opendaylight and Open Networking Operating System). For the experimental setup, five different network scenarios are considered. In each scenario, the number of hosts, switches and data packets varies. The Mininet emulation tool is used to create the hosts and switches, whereas four different penetration tools such as Hping3, Nping, Xerxes, Tor Hammer, LOIC are used to generate the data packets. The generated data packets range from 50,000 per second to 2,50,000 per second and the number of hosts/switches ranges from 50 to 250 in every scenario, respectively. The data traffic is bombarded towards the controllers and these packets are evaluated using Wireshark. The DDoS detection system is analysed on the basis of various parameters such as time to detect the DDoS attack, Round Trip Time (RTT), percentage of packet loss and type of DDoS attack. It is found that ODL takes minimum time to detect the successful DDoS attack and more time to go down than ONOS. Our tool ensures the timely detection of fast DDoS attacks, which delivers better performance of the SDN controller without compromising the overall functionality of the entire network.
Pages: 501 / 513
Number of pages: 12