Neural Network Based Protection of Software Defined Network Controller against Distributed Denial of Service Attacks
نویسندگان
چکیده مقاله:
Software Defined Network (SDN) is a new architecture for network management and its main concept is centralizing network management in the network control level that has an overview of the network and determines the forwarding rules for switches and routers (the data level). Although this centralized control is the main advantage of SDN, it is also a single point of failure. If this main control is made unreachable for any reason, the architecture of the network is crashed. A distributed denial of service (DDoS) attack is a threat for the SDN controller which can make it unreachable. In the previous researches in DDoS detection in SDN, not enough work has been done on improvement of accuracy in detection. The proposed solution of this research can detect DDoS attack on SDN controller with a noticeable accuracy and prevents serious damage to the controller. For this purpose, fast entropy of each flow is computed at certain time intervals. Then, by the use of adaptive threshold, the possibility of a DDoS attack is investigated. In order to achieve more accuracy, another method, computing flow initiation rate, is used alongside. After observation of the results of this two methods, according to the described conditions, the existence of an attack is confirmed or rejected, or this decision is made at the next step of the algorithm, with further study of flow statistics of network switches by the perceptron neural network. The evaluation results show that the proposed algorithm has been able to make a significant improvement in detection rate and a reduction in false alarm rate compared to closest previous work, besides maintaining the average detection time on an acceptable level.
منابع مشابه
Analysis of Software Defined Networking defences against Distributed Denial of Service attacks
The Secure Autonomous Response Networks (SARNET) framework introduces a mechanism to respond autonomously to security attacks in Software Defined Networks (SDN). Still the range of responses possible and their effectiveness need to be properly evaluated such that the decision making process and the self-learning capability of such systems are optimized. To this purpose we developed a touch-tabl...
متن کاملMobile-Agent-Based Network Cooperative Security Architecture against Distributed Denial-of-Service Attacks
The objective of the Distributed Denial-of-Service (DDoS) attacks is to paralyze the server and the provided services. Attackers usually intrude a group of hosts, and organize these hosts into a hierarchy. The intruded hosts located in the leaves of the hierarchy may be commanded to simultaneously send a large amount of attacking packets to the victim to interrupt or stop its services. It is ve...
متن کاملController Placement in Software Defined Network using Iterated Local Search
Software defined network is a new computer network architecture who separates controller and data layer in network devices such as switches and routers. By the emerge of software defined networks, a class of location problems, called controller placement problem, has attracted much more research attention. The task in the problem is to simultaneously find optimal number and location of controll...
متن کاملDefending Against Distributed Denial of Service Attacks
The Denial of Service attack, especially the Distributed Denial of Service (DDoS) attack, has become one of the major threats to the Internet. Generally, attackers launch DDoS attacks by directing a massive number of attack sources to send useless traffic to the victim. The victim’s services are disrupted when its host or network resources are occupied by the attack traffic. The threat of DDoS ...
متن کاملSecurecast: Multicast Based Protection Against Denial of Service Attacks
In this paper, we introduce a proactive mechanism to protect Internet hosts against network based denial of service (DoS) attacks. We give Internet hosts an ability to explicitly control who to communicate with and therefore avoid potential DoS attacks coming from the others over the Internet. Our approach depends on the availability of the Source Specific Multicast (SSM) service in the Interne...
متن کاملHF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملمنابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ذخیره در منابع من قبلا به منابع من ذحیره شده{@ msg_add @}
عنوان ژورنال
دوره 30 شماره 11
صفحات 1714- 1722
تاریخ انتشار 2017-11-01
با دنبال کردن یک ژورنال هنگامی که شماره جدید این ژورنال منتشر می شود به شما از طریق ایمیل اطلاع داده می شود.
میزبانی شده توسط پلتفرم ابری doprax.com
copyright © 2015-2023