Implementation of Entropy-Based DDoS Attack Detection Method in Different SDN Topologies
Keywords:
Software-Defined Network (SDN), Distributed Denial of Service (DDoS), Entropy, RYU controllerAbstract
Software-Defined Network (SDN) brings a lot of advantages to the world of networking through its flexibility and centralized management, but this centralized control makes SDN susceptible to different types of attacks. The Distributed Denial of Service (DDoS) attack is one of the most commonly used attacks since it is relatively easy to deploy and very successful at harming any network, thus researchers are mostly focusing on this type to discover an effective defense mechanism against it. This work investigates the impact of a DDoS attack on an SDN environment and proposes a light and effective method for detecting this attack at an early stage based on calculating the entropy of destination network traffic IP addresses. The proposed method proved its ability to detect the DDoS attack with minimum detection time in three different SDN network topologies which are single, linear, and multi-controller. RYU controller has been used with Mininet emulator and OpenFlow protocol.
References
J. C. C. Chica, J. C. Imbachi, J. F. B. Vega, “Security in SDN: A comprehensive survey,” Elsevier, Journal of Network and Computer Applications, vol. 159, 2020.
S. Wang, K. Gomez, K. Sithamparanathan, M. R. Asghar, G. Russello, and P. Zanna, “Mitigating DDoS attacks in SDN-BASED IOT Networks Leveraging secure control and data Plane Algorithm,” Applied Sciences, vol. 11, no. 3, p. 929, 2021.
N. Ravi and S. M. Shalinie, "Learning-Driven Detection and Mitigation of DDoS Attack in IoT via SDN-Cloud Architecture," IEEE Internet of Things Journal, vol. 7, no. 4, pp. 3559-3570, April 2020,
S. Bendale, C. Dharmadhikari, S. Kulkarni, S. Temkar, “A Study of DDoS Attacks in Software Defined Networks,” International Research Journal of Engineering and Technology (IRJET), vol. 6, no. 12, Dec 2019.
L. Zhou, M. Liao, C. Yuan, and H. Zhang,” Low-Rate DDoS Attack Detection Using Expectation of Packet Size,” Wiley, Security and Communication Networks, vol. 2017, 2017, pp. 1-15.
S. Dhaliwal, “Detection and mitigation of syn and http flood ddos attacks in software defined networks,” M.S. thesis College of Eng. and Sc Ryerson Univ., Toronto, 2017.
A. Ahalawat, S. S. Dash, A. Panda, and K. S. Babu, “Entropy based ddos detection and mitigation in OpenFlow enabled sdn,” International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN), 2019, pp. 1-5.
T. Pandikumar, F. Atkilt, A.K Hassen,” Early Detection of DDoS Attacks in a Multi-Controller Based SDN,” International Journal of Engineering Science and Computing, Vol. 7, no.6 ,2017.
A. B. Dehkordi, M. R. Soltanaghaei & F. Z. Boroujeni,” The DDoS attacks detection through machine learning and statistical methods in SDN,” springer, the journal of supercomputing, vol.77, no.3, 2021.
J. R. Dennis, and X. Li, “Machine-Learning and Statistical Methods for DDoS Attack Detection and Defense System in Software Defined Networks,” M.S. thesis College of Eng. and Sc Ryerson Univ., Toronto, 2018.
G. Hong, C. Lee and M. Lee, "Dynamic Threshold for DDoS Mitigation in SDN Environment," Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC), 2019, pp. 1-7.
M. Z. Abdullah, N. A. Al-awad, F. W. Hussein,” Implementation of entropy-based distributed denial of service attack detection method in multiple pox controllers,” Review of Computer Engineering Studies,2019, Vol. 6, No. 2, pp. 29-38.
R. Swami, M. Dave and V. Ranga, "Defending DDoS against Software Defined Networks using Entropy," 2019 4th International Conference on Internet of Things: Smart Innovation and Usages (IoT-SIU), 2019, pp. 1-5.
K. S. Sahoo, B. Sahoo, M. Vankayala and R. Dash, "Detection of Control Layer DDoS Attack using Entropy metrics in SDN: An Empirical Investigation," Ninth International Conference on Advanced Computing (ICoAC), 2017, pp. 281-286.
K. Bavani, M. P. Ramkumar and E. Selvan G.S.R., "Statistical Approach Based Detection of Distributed Denial of Service Attack in a Software Defined Network," 6th International Conference on Advanced Computing and Communication Systems (ICACCS), 2020, pp. 380-385.
S. Ali, M. K. Alvi, S. Faizullah, M. A. Khan, A. Alshanqiti and I. Khan, "Detecting DDoS Attack on SDN Due to Vulnerabilities in OpenFlow," International Conference on Advances in the Emerging Computing Technologies (AECT), 2020, pp. 1-6.
O. Tayfour, M. Marsono,” Collaborative Detection and Mitigation of Distributed Denial-of-Service Attacks on Software-Defined Network.” springer, Mobile Networks and Applications, vol.25, 2020, pp. 1-10.
M. Aladaileh, M. Anbar, I. H. Hasbullah, Y. K. Sanjalawe and Y. Chong,” Entropy-Based Approach to Detect DDoS Attacks on Software Defined Networking Controller,” Computers, Materials & Continua, vol. 69, no.1, pp. 373–391, 2021.
O. Rahman, M. A. G. Quraishi and C. Lung, "DDoS Attacks Detection and Mitigation in SDN Using Machine Learning," IEEE World Congress on Services (SERVICES), 2019, pp. 184-189.
B. H. Lawal and A. T. Nuray, "Real-time detection and mitigation of distributed denial of service (DDoS) attacks in software defined networking (SDN)," Signal Processing and Communications Applications Conference (SIU), 2018, pp. 1-4.
N. M. Abdel-Azim, S. F. Fahmy, M. A. Sobh, A. M. Bahaa-Eldin, “A hybrid entropy-based DoS attacks detection system for software defined networks (SDN): A proposed trust mechanism,” Elsevier, Egyptian Informatics Journal, vol. 22, no. 1, 2021, pp. 85-90.
A. Jehad, S. Lee and B. Roh, “Performance Analysis of POX and Ryu with Different SDN Topologies,” Proceedings of the 2018 International Conference on Information Science and System, 2018.
Downloads
Published
How to Cite
Issue
Section
License
Authors who submit papers with this journal agree to the following terms.
