Abstract
The SDN architecture decouples control plane from data plane, making it more susceptible to various abnormal traffic and network attacks, with LDoS attack being one of them. LDoS attackers periodically send short-duration pulses with high rate to bottleneck links to preempt legitimate TCP traffic bandwidth, severely disrupting the transmission of TCP traffic. Current researches on LDoS attacks are mostly implemented in SDN environments, making them exhibit poor portability during deployment and unavoidable time delays. This paper proposes EXCLF, a LDoS attack detection and mitigation model fully deployed on programmable data plane. To identify LDoS attacks, the model gathers features of the traffic going through the switch and feeds them into a decision tree. Once LDoS attack happens, the model collects data at flow level to pinpoint the attacker and initiates corresponding mitigation measures. Extensive experiments were conducted to evaluate the proposed model, and the results indicate that EXCLF achieves a correct rate of 96.39%, with false positive and false negative rates both below 3%. Additionally, the model demonstrates low detection latency and can quickly respond to attacks. The model proves to be an attack detection and mitigation method with good portability and efficiency.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
