DDoS attack mitigation using entropy in SDN-IoT environment

Abstract

The Internet of Things (IoT) is one of the most important modern technological practical sciences that contains a large number of heterogeneous devices that have the ability to communicate with each other through the Internet. Many different devices and protocols, as well as various types of technologies, participate in accomplishing this task. Information security is very difficult in this environment, which integrates with different environments especially Software-Defined Networking (SDN) is based on the Internet of Things. Unfortunately, SDN/IOT faces many security issues that affect the network components and the provided services, especially the attacks related to refusing of service DDoS attack. Alongside, to prevent consume controller resources and provide a solution to detect such attacks, the present paper proposes a method depending on DDoS attack detection plus mitigation with RYU and FloodLight controllers. The proposed method uses the Entropy-threshold technique programmed in python within the controllers and DDoS attacks executed from IoT sensors. The controller’s use the entropy value to block that specific port in the switch if it falls below a given threshold value and then shut down the port. The results show that Floodlight is better than dealing with DDoS attack cases compared with the RYU controllers. Alongside, the Throughput decreased from 0.1158 KB/s to 0.08916 KB/s in the Floodlight controller, while it decreased in the RYU controller from 0.0646 KB/s to 0.03294 KB/s.