Title :
Early detection of DDoS attacks against SDN controllers
Author :
Mousavi, Seyed Mohammad ; St-Hilaire, Marc
Author_Institution :
Dept. of Syst. & Comput. Eng., Carleton Univ., Ottawa, ON, Canada
Abstract :
A Software Defined Network (SDN) is a new network architecture that provides central control over the network. Although central control is the major advantage of SDN, it is also a single point of failure if it is made unreachable by a Distributed Denial of Service (DDoS) attack. To mitigate this threat, this paper proposes to use the central control of SDN for attack detection and introduces a solution that is effective and lightweight in terms of the resources that it uses. More precisely, this paper shows how DDoS attacks can exhaust controller resources and provides a solution to detect such attacks based on the entropy variation of the destination IP address. This method is able to detect DDoS within the first five hundred packets of the attack traffic.
Keywords :
IP networks; computer network security; software defined networking; telecommunication traffic; DDoS attacks; Distributed Denial Of Service attack; IP address destination; SDN controllers; attack detection; attack traffic; central control; entropy variation; exhaust controller resources; network architecture; software defined network; Computer architecture; Computer crime; Control systems; Entropy; IP networks; Monitoring; Process control; Controller; DDoS attack; Entropy; SDN;
Conference_Title :
Computing, Networking and Communications (ICNC), 2015 International Conference on
Conference_Location :
Garden Grove, CA
DOI :
10.1109/ICCNC.2015.7069319