Abstract
Software Defined Network is an evolving and promising architecture which allows greater control over network entities by centralising the control plane. Although on the surface SDN provides a simple framework for network programmability and monitoring, few has been said about security measures to make it more robust to hitherto security flaws. Among the identified security flaws, DDoS flooding attack continue to be one of the major security concerns as attack volumes are increasing year on year. In this paper, we developed and implement the feasibility of spoofing and flooding DDoS attack on data plane devices using Mininet emulator, floodlight and network performance testing tools. We further developed a mitigation mechanism to counter these attacks by pushing reactive flow through the controller to the attacking switch port. Our result shows that pushing flows through the controller mitigates the flooding attack with low performance overheads, and requires no change to the controllers mode of operation for deployment, which indicates a good performance of our model.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
