Abstract
Distributed Denial of Service (DDoS) attack is threatening network security with increasing number of DDoS attack events. Software Defined Network (SDN), a popular networking paradigm, brings many opportunities to defend against massive network attacks with its centralized control architecture. In this background, this paper proposes a DDoS attack detection and mitigation system, DETPro, which is an efficient and lightweight framework based on decision tree method. In this system, the POX controller and sFlow agents embedded in OpenvSwitch are responsible for network traffic information collection. The DDoS attack detection module implemented with a modified decision tree algorithm is applied to detect DDoS attacks, utilizing Gini impurity and Pessimistic Error Pruning (PEP) strategy. When attacks appear in the network, the DDoS attack mitigation module keeps the major network functionality working with a dynamic white list mechanism, which can timely block attack traffic and assure benign traffic to be served as usual. Experimental results show that DETPro can detect DDoS attack accurately and protect the network from various DDoS attacks effectively.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
