Abstract

Software Defined Networking (SDN) has emerged as a new networking paradigm based on decoupling the data plane from the control plane, which provides several benefits, including flexible, manageable, and centrally controlled networks. From a security point of view, SDNs suffer from several vulnerabilities associated with the nature of the communication between the control plane and the data plane. In this context, software defined networks are vulnerable to distributed denial of service attacks. In particular, the centralization of the SDN controller makes it an attractive target for these attacks, because overloading the controller with a huge packet volume would bring the whole network down or degrade its performance. Moreover, DDoS attacks may have the objective of flooding a network segment with a huge traffic volume targeting single or multiple end systems. In this paper, we propose an entropy-based mechanism for Distributed Denial of Service (DDoS) attack detection and mitigation in SDN networks. The proposed mechanism is based on the entropy values of the source and destination IP addresses of the flows observed by the SDN controller, which are compared with preset entropy thresholds that adapt to network dynamics. The proposed mechanism has been evaluated through extensive simulation experiments.
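As an added illustration (not code from the paper), the following Python models the mechanism the abstract describes: for each window of flows seen by the controller, compute the Shannon entropy of the source and destination IP addresses and compare them with thresholds that adapt over time. The paper's adaptive threshold rule is not given on this page, so an EWMA baseline with a fixed margin, and the constructed traffic windows, are assumptions.

```python
from collections import Counter
from math import log2


def entropy(values):
    """Shannon entropy in bits of the empirical distribution of `values`."""
    n = len(values)
    if n == 0:
        return 0.0
    return -sum((c / n) * log2(c / n) for c in Counter(values).values())


class EntropyDetector:
    """Per-window entropy check on the (src, dst) pairs the controller sees.

    Baselines are an EWMA of windows judged normal (an assumption standing in
    for the paper's adaptive threshold). A flood makes H(dst) collapse onto
    few victims; a distributed one also makes H(src) rise (many spoofed sources).
    """

    def __init__(self, alpha=0.2, margin=0.5):
        self.alpha, self.margin = alpha, margin
        self.base_src = self.base_dst = None

    def observe(self, flows):
        """Return None for a normal window, or a dict describing the attack."""
        h_src = entropy([s for s, _ in flows])
        h_dst = entropy([d for _, d in flows])
        if self.base_src is None:  # first window seeds the baseline
            self.base_src, self.base_dst = h_src, h_dst
            return None
        if h_dst < self.base_dst - self.margin:
            victim = Counter(d for _, d in flows).most_common(1)[0][0]
            many_src = h_src > self.base_src + self.margin
            return {"kind": "many-source" if many_src else "few-source",
                    "victim": victim, "h_src": h_src, "h_dst": h_dst}
        # Learn only from normal windows so an attack cannot drag the baseline down.
        self.base_src += self.alpha * (h_src - self.base_src)
        self.base_dst += self.alpha * (h_dst - self.base_dst)
        return None


# Constructed sample: three benign windows of 8 distinct host pairs, then a
# flood in which 16 spoofed sources all target 10.0.0.1.
BENIGN = [(f"10.0.0.{i}", f"10.0.0.{(i * 3) % 8 + 1}") for i in range(1, 9)]
FLOOD = [(f"192.0.2.{i}", "10.0.0.1") for i in range(1, 17)]


def run_demo():
    det = EntropyDetector()
    results = [det.observe(BENIGN) for _ in range(3)]
    results.append(det.observe(FLOOD))
    return results
```

The returned `victim` is what a controller would feed into a mitigation flow rule (for example, rate-limiting traffic to that destination).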

Highlights

  • The growth of networking and the Internet has reached high rates in recent years

  • Software defined networking (SDN) has emerged as a new networking paradigm that is based on the decoupling between data plane and control plane [4]

  • Distributed Denial of Service (DDoS) attacks may have the objective of flooding a network segment with huge traffic volume targeting single or multiple end systems


Summary

INTRODUCTION

The growth of networking and the Internet has reached high rates in recent years. This growth requires several changes in the networking industry. Software defined networking (SDN) has emerged as a new networking paradigm that is based on the decoupling between data plane and control plane [4]. It makes it possible to address many of the challenges and limitations of traditional computer networks and to provide flexible and efficient management of networking resources. Several research efforts have adopted entropy as the main method for DDoS attack detection in both traditional networks and SDN networks. This is because entropy provides a measure of the statistical randomness of a certain variable, and any sudden

RELATED WORK
ENTROPY-BASED DDOS DETECTION
PROPOSED MECHANISM
EVALUATION
SIMULATION ENVIRONMENT AND NETWORK TOPOLOGY
PERFORMANCE METRICS AND SIMULATION PARAMETERS
Detection Time
False Positive Rate
CONCLUSIONS
