Abstract

Software Defined Networking (SDN) introduces a new idea of “Programmable Network” which in turn provides flexibility, simplicity, and speeds up the implementation. The core idea behind SDN architecture is the separation of the control plane from the data plane. By separating these planes, the controller gets a total view of the network while the packet forwarding decisions are pushed down to switches. Thus the controller abstracts the complexity of the network. Unfortunately, this functionality of SDN also makes it as a target of one of the most popular type of DDoS attack known as TCP SYN Flood Attack. TCP SYN Flood attack is generally carried out to degrade the server resources. Considering this attack in SDN it makes the controller as a single point of failure by making the switch to forward the packet towards the controller and depleting the controller resources. In Addition, it also causes data plane saturation attack. To address this challenge, in this paper we propose SRL a competent and streamlined framework for mitigating TCP SYN Flood attack. SRL is implemented in the controller. It uses two modules Hashing module and flow aggregator module to overcome this attack. We implemented SRL in Floodlight controller under various attacking and normal traffic scenario. Results show that SRL acquaints only minor impact in SDN controller operations.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.