Detection of DDoS Attacks in Software Defined Networking Using Entropy

Cong Fan,He Jiang,Nitheesh Murugan Kaliyamurthy,Carlene Campbell,Yiwen Zhou,Shi Chen

doi:10.3390/app12010370

Abstract

Software Defined Networking (SDN) is one of the most commonly used network architectures in recent years. With the substantial increase in the number of Internet users, network security threats appear more frequently, which brings more concerns to SDN. Distributed denial of Service (DDoS) attacks are one of the most dangerous and frequent attacks in software defined networks. The traditional attack detection method using entropy has some defects such as slow attack detection and poor detection effect. In order to solve this problem, this paper proposed a method of fusion entropy, which detects attacks by measuring the randomness of network events. This method has the advantages of fast attack detection speed and obvious decrease in entropy value. The complementarity of information entropy and log energy entropy is effectively utilized. The experimental results show that the entropy value of the attack scenarios 91.25% lower than normal scenarios, which has greater advantages and significance compared with other attack detection methods.

Highlights

In order to solve the impact of Distributed denial of Service (DDoS) attacks on the Software Defined Networking (SDN) controller, this paper proposes to use fusion entropy for attack detection
In order to solve the impact of DDoS attacks on the SDN controller, this paper proposes information entropy has the characteristics of rapid entropy reduction in attack scenarios, to use fusion entropy for attack detection
In order to achieve the purpose of attack detection, this paper proposes a fusion entropy method

Summary

Introduction

SDN breaks the shackles of traditional network complexity and coupling and makes it possible for network architecture to satisfy flexibility, reliability and security at the same time. It separates the control plane from the data plane and separates the control function of the network from the data forwarding function [1]. The control plane is only responsible for routing decisions, while the data plane realizes these decisions by forwarding packets and other behaviors. The separation of the two planes can improve the abstraction and programming ability of the network and makes the network structure less tedious and redundant

Methods

Discussion

Conclusion