Thesis Open Access

IP-BASED DDOS ATTACK DETECTION AND MITIGATION FOR SDN CONTROLLER

Mulatu Mekonnen

Citation Style Language JSON Export

{
  "DOI": "10.20372/nadre:5760", 
  "author": [
    {
      "family": "Mulatu Mekonnen"
    }
  ], 
  "issued": {
    "date-parts": [
      [
        2019, 
        6, 
        1
      ]
    ]
  }, 
  "abstract": "<p>Software-defined networking architectural framework eases the life of the network<br>\nadministrators by isolating the data plane from the control plane. This facilitates<br>\neasy configuration of the network, provides a programmable interface for developing<br>\napplications related to management, security, logging etc. and the centralized logical<br>\ncontroller gives more control over the entire network, which has the total visibility<br>\nof the network.<br>\nThese advantages of SDN also expose the network to the vulnerabilities and the<br>\nimpact of the attacks are much severe when compared to conventional networks,<br>\nwhere the network devices in itself provided protection from the attacks and limits<br>\nthe scope of the attacks.<br>\nIn this paper, we explore various attacks that can be launched on SDN at different<br>\nlayers. We also evaluate some of the existing security methods in mitigating the<br>\nattacks. We also explore a possible solution to prevent DDoS attacks using entropy.<br>\nA Distributed Denial of Service (DDoS) attack is a DoS attack utilizing multiple<br>\ndistributed attack sources. Every network in the system has an entropy. Increase<br>\nin randomness causes decrease in entropy. To mitigate this threat, this project<br>\nproposes to use the central control of SDN for attack detection and introduces a<br>\nsolution that is effective and lightweight in terms of the resources that it uses.<br>\nMore precisely, this project shows how DDoS attacks can exhaust controller resources<br>\nand provides a solution to detect such attacks based on the entropy variation of<br>\nthe destination IP address. Based on this value if it drops below threshold , we are<br>\nblocking the specific port in the switch and bring the port down. This method is able<br>\nto detect DDoS within the first five hundred packets of the attack traffic.</p>", 
  "title": "IP-BASED DDOS ATTACK DETECTION AND MITIGATION FOR SDN CONTROLLER", 
  "type": "thesis", 
  "id": "5760"
}
0
0
views
downloads
All versions This version
Views 00
Downloads 00
Data volume 0 Bytes0 Bytes
Unique views 00
Unique downloads 00
More info on how stats are collected.
Indexed in
Publication date:
June 1, 2019
DOI:
10.20372/nadre:5760

Zenodo DOI Badge

DOI 

10.20372/nadre:5760

Markdown 

[![DOI](https://nadre.ethernet.edu.et/badge/DOI/10.20372/nadre:5760.svg)](https://doi.org/10.20372/nadre:5760)

reStructedText 

.. image:: https://nadre.ethernet.edu.et/badge/DOI/10.20372/nadre:5760.svg
   :target: https://doi.org/10.20372/nadre:5760

HTML 

<a href="https://doi.org/10.20372/nadre:5760"><img src="https://nadre.ethernet.edu.et/badge/DOI/10.20372/nadre:5760.svg" alt="DOI"></a>

Image URL 

https://nadre.ethernet.edu.et/badge/DOI/10.20372/nadre:5760.svg

Target URL 

https://doi.org/10.20372/nadre:5760

Communities:
License (for files):
Creative Commons Attribution

Versions

Version 1 10.20372/nadre:5760 Jun 1, 2019
Cite all versions? You can cite all versions by using the DOI 10.20372/nadre:5759. This DOI represents all versions, and will always resolve to the latest one. Read more.

Share

Cite as

Export