Abstract
The increasing incidence of distributed denial-of-service (DDoS) attacks has made software-defined networking (SDN) more vulnerable to the depletion of controller resources. DDoS attacks prevent the SDN controller from processing all incoming data efficiently, potentially disrupting a network or denying legitimate users access to network services. Thus, the protection of the SDN controller is crucial, especially from the ones that exploit the SDN characteristics. In this paper, the authors propose an efficient detection approach for low- and high-rate DDoS attacks on the controller with a high detection rate and a low false positive rate by adapting a dynamic threshold algorithm rather than a static one and proposing a new rule-based detection mechanism. In addition, the proposed approach was evaluated using eight simulation scenarios representing all potential attacks against the SDN controller in terms of attack traffic rates (low or high), sources (either single or multiple hosts), and targets (single or multiple victims). The experiment results show that the proposed approach is more effective than the existing approaches based on attack detection and false positive rates.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
