Distributed DoS Attack Detection and Mitigation in Software Defined Network (SDN)

2019 
Software Defined Networks (SDN) provides central control over the network and the commands can be applied on its controller and switches through the interfaces. It has a central element, called as controller that maintains records and controls over the entire network activities. Hence, it is necessary to protect the controller, from being unreachable to the hosts that are connected to it. The unavailability of the controller can result in Denial of Service (DoS)/ Distributed Denial of Service (DDoS) attack. This paper presents the utility of the central controlling facilities to detect attacks and to mitigate them using an easy approach which can be implemented on the controller. The approach is based on the concept of entropy which is an important statistic of an SDN is its entropy. By observing the variation in the entropy, the attack on the controller can be detected before the controller becomes unreachable. Simulations and numerical results show the effectiveness of the proposed method in detecting and preventing DDoS attacks at an early stage.
    • Correction
    • Source
    • Cite
    • Save
    • Machine Reading By IdeaReader
    0
    References
    1
    Citations
    NaN
    KQI
    []