Abstract
Software Defined Network (SDN) is the new era of networking technology based on a centralized controller that separates the switch hardware from its operating software. The most important challenge is the security of SDN and the most prominent attack is the Distributed Denial of Service (DDoS) attack. Some of the research work done so far detects DDoS attacks using a threshold, which is usually assumed without proper scientific reason and hence may not be always accurate. The mitigation techniques used by some researchers block the host from sending the network traffic beyond a threshold, by installing drop rules in the flow table of the switch connected to that host. Doing so will not only block the attack traffic but also the genuine ones from other applications of that host. In this paper, we propose a model that calculates the threshold limit for the type of applications sending data to a particular switch, in real-time using a machine learning (ML) model, and determines whether that application traffic is DDoS traffic. After the detection, only application type sending DDoS traffic is blocked while other genuine applications are allowed to send the network traffic without any interruption. The use of a dynamic threshold, based on the current network traffic, will help in detecting DDoS efficiently.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.