Abstract
Distributed denial of service (DDoS) attacks have always been a nightmare for network infrastructure for the last two decades. Existing network infrastructure is lacking in identifying and mitigating the attack due to its inflexible nature. Currently, software-defined networking (SDN) is more popular due to its ability to monitor and dynamically configure network devices based on the global view of the network. In SDN, the control layer is accountable for forming all decisions in the network and data plane for just forwarding the message packets. The unique property of SDN has brought a lot of excitement to network security researchers for preventing DDoS attacks. In this article, for the identification of DDoS attacks in the OpenFlow controller, a probabilistic technique with a central limit theorem has been utilized. This method primarily detects resource depletion attacks, for which the DARPA dataset is used to train the probabilistic model. In different attack scenarios, the probabilistic approach outperforms the entropy-based method in terms of false negative rate (FNR). The emulation results demonstrate the efficacy of the approach, by reducing the FNR by 98% compared to 78% in the existing entropy mechanism, at 50% attack rate.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
