Abstract
Abstract- Software-Defined Networking (SDN) is a promising sample that allows the programming behind the network’s operation with some abstraction level from the underlying networking devices .the insistence to detect and mitigate Distributed Denial of Service (DDoS) which introduced by network devices tries to discover network security weaknesses and the negative effects of some types of Distributed Denial of Service (DDoS) attacks. An SDN-based generic solution to mitigate DDoS attacks when and where they originate. Briefly, it compares at runtime the expected trend of normal traffic against the trend of abnormal traffic; if big deviation on the traffic trend is detected, then an event is created; as an event associated to a DDoS attack is produced, an SDN (OpenDayLight) controller creates flow rules for blocking the malign traffic, By designing and implementing an application that reactively impairs the attacks at its origin, ensuring the “normal operation” of the network infrastructure. The evaluation results suggest that the proposal timely detect the characteristics of a flooding DDoS attacks, and mitigates their negative impacts on the network performance, and ensures the correct data delivery of normal traffic. The work sheds light on the programming relevance over an abstracted view of the network infrastructure.
Highlights
Distributed denial- of- service (DDoS) is the most popular attack making network devices cannot be accessed or used by legitimate users [1]
The control plane communicates with the data plane byways as defined by an Software- Defined Networking (SDN) standard known as OpenFlow
The current proposal aims to detect and mitigate the distributed Denial of Service (DDoS) attack when an online server is under attack
Summary
Distributed denial- of- service (DDoS) is the most popular attack making network devices cannot be accessed or used by legitimate users [1]. The control plane makes the decisions where to send packets, and the data plane implements these decisions and forwards the packets [3]. The work proposes a feasible SDN-based generic solution to mitigate DDoS attacks without adding too much overload on the network. The current proposal aims to detect and mitigate the DDoS attack when an online server is under attack. The proposed solution has the following characteristics: 1) It compares at runtime the expected trend of normal traffic against the trend of monitored traffic; 2) If a significant deviation on the traffic trend is detected, an event is created; 3) As an event associated with a DDoS attack is produced, an SDN application programmed to start capturing and analyzing the traffic to creates flow rules for blocking the malign traffic with OpenDayLight controller
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Iraqi Journal of Information & Communications Technology
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
