Abstract

Software defined networking (SDN), a highly regarded architecture, enhances the programmability and manageability of the network by decoupling the data plane and the control plane. It has emerged to bring more possibilities to the Internet, but at the same time, its inherent shortcomings have become a pool for malicious attackers. Low-rate denial of service (LDoS) attacks, a variant of denial of service attacks, also pose a threat to the SDN architecture. In this paper, we replicate LDoS attacks for the SDN data plane and propose a detection and mitigation framework called GASF-IPP based on multiple traffic and IP-port data by analyzing the network anomalies. By leveraging the OpenFlow protocol, the traffic of switches is monitored. We use Gramian angular summation field (GASF) transformation based on timing analysis to analyze the traffic and combine it with other features to determine whether an attack has occurred. By locating the attacker and the victim, flow rules can be constructed for mitigation. Experiments prove that our proposed framework is correct and effective, the detection and mitigation module can perform real-time work with a low false positive rate (FPR) and respond in average 6.77 s.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.