Abstract

Software-defined networking (SDN) is a new network architecture that separates the data plane from the control plane and provides network programmability, dynamic deployment, and management of network traffic. However, its security also faces many threats, such as low-rate denial of service (LDoS) attacks. An LDoS attack exploits the vulnerability of the TCP congestion control mechanism on the network and requires only a small amount of attack data to achieve the attack effect, which makes it harder to detect and mitigate than traditional DoS attacks. In this paper, we propose an LDoS attack detection and mitigation scheme. Our detection scheme collects the features of network traffic and uses the FSS-RSR algorithm to detect LDoS attacks in real time. Our mitigation scheme monitors traffic fluctuations to locate attack source IP addresses and delivers traffic rules to mitigate attacks. The experimental results show that our scheme has high accuracy and low complexity for LDoS attack detection, and a short response time for LDoS attack mitigation of fewer than 8 seconds.
