Abstract

The rapid growth in Internet usage over the last few decades has led to the deployment of high-speed networks in commercial and educational institutions. As network traffic increases, so do the security challenges in high-speed networks. Although the Intrusion Detection System (IDS) has a significant role in spotting potential attacks, heavy traffic flow causes severe technical challenges in monitoring and detecting network activities. Moreover, the devastating nature of the Distributed Denial-of-Service (DDoS) attack makes it stand out as a significant cyber-attack regardless of the emergence of the Software Defined Network (SDN) architecture. This paper proposes a novel framework that addresses the performance issues of IDS and the design issues of SDN with respect to DDoS attacks by incorporating intelligence in the data layer using the Data Plane Development Kit (DPDK) in the SDN architecture. The framework is named the DPDK-based DDoS Detection (D3) framework, since DPDK provides fast packet processing and monitoring in the data plane. Moreover, the statistical anomaly detection algorithm, implemented in the data plane as a Virtual Network Function (VNF) using DPDK, offers fast detection of DDoS attacks. The experimental results of the D3 framework guarantee both the efficiency and the effectiveness of the novel IDS framework. The publicly available CIC DoS datasets also ensure the detection effectiveness of a single statistical anomaly detection algorithm against the DDoS attack.

Highlights

  • Distributed Denial of Service (DDoS) has been one of the evergreen attacks for a few decades, preventing legitimate users from accessing services, incapacitating the target, and causing high revenue loss.

  • 1) System Architecture: The different schematic designs of the DDoS detection framework in the Software Defined Network (SDN) environment are shown in Figure 3. Figure 3(a) depicts DDoS attack detection in the SDN controller plane, described in Sections II-B1 and VI-A; Figure 3(b) depicts the collaboration of the data plane with the controller plane in DDoS detection, mentioned in Section VI-B; and Figure 3(c) depicts the proposed system architecture, which integrates the Data Plane Development Kit (DPDK) in the data plane for fast packet processing and high performance.

  • 3) The CPU utilization of the controller in the D3 framework is evaluated to illustrate the virtue of the D3 framework compared with other SDN-based DDoS defense frameworks [26], [28].


Summary

Introduction

Distributed Denial of Service (DDoS) has been one of the evergreen attacks for a few decades, preventing legitimate users from accessing services, incapacitating the target, and causing high revenue loss. The requirement of customized hardware with software in the middlebox defense technique is incompatible with adaptable network architecture and fails to maintain a global network intelligence [3]–[8]. Researchers addressed this issue with a programmable network paradigm called Software Defined Network (SDN) for challenging security threats of DDoS [9]–[14], which delivers network intelligence to incorporate the rapid change of network configuration in today’s data centers, industry, academia, and the IoT era. It helps to provide a holistic, cost-effective, lightweight approach against DDoS attacks without any additional hardware requirements, which is ideal for a modern, changing network scenario.
