June 1, 2019 Thesis Open Access

Mulatu Mekonnen

DCAT Export

<?xml version='1.0' encoding='utf-8'?>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:adms="http://www.w3.org/ns/adms#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dct="http://purl.org/dc/terms/" xmlns:dctype="http://purl.org/dc/dcmitype/" xmlns:dcat="http://www.w3.org/ns/dcat#" xmlns:duv="http://www.w3.org/ns/duv#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:frapo="http://purl.org/cerif/frapo/" xmlns:geo="http://www.w3.org/2003/01/geo/wgs84_pos#" xmlns:gsp="http://www.opengis.net/ont/geosparql#" xmlns:locn="http://www.w3.org/ns/locn#" xmlns:org="http://www.w3.org/ns/org#" xmlns:owl="http://www.w3.org/2002/07/owl#" xmlns:prov="http://www.w3.org/ns/prov#" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:schema="http://schema.org/" xmlns:skos="http://www.w3.org/2004/02/skos/core#" xmlns:vcard="http://www.w3.org/2006/vcard/ns#" xmlns:wdrs="http://www.w3.org/2007/05/powder-s#">
  <rdf:Description rdf:about="https://doi.org/10.20372/nadre:5760">
    <rdf:type rdf:resource="http://www.w3.org/ns/dcat#Dataset"/>
    <dct:type rdf:resource="http://purl.org/dc/dcmitype/Text"/>
    <dct:identifier rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI">https://doi.org/10.20372/nadre:5760</dct:identifier>
    <foaf:page rdf:resource="https://doi.org/10.20372/nadre:5760"/>
    <dct:creator>
      <rdf:Description>
        <rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
        <foaf:name>Mulatu Mekonnen</foaf:name>
      </rdf:Description>
    </dct:creator>
    <dct:title>IP-BASED DDOS ATTACK DETECTION AND MITIGATION FOR SDN CONTROLLER</dct:title>
    <dct:publisher>
      <foaf:Agent>
        <foaf:name>Zenodo</foaf:name>
      </foaf:Agent>
    </dct:publisher>
    <dct:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#gYear">2019</dct:issued>
    <dct:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2019-06-01</dct:issued>
    <owl:sameAs rdf:resource="https://nadre.ethernet.edu.et/record/5760"/>
    <adms:identifier>
      <adms:Identifier>
        <skos:notation rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI">https://nadre.ethernet.edu.et/record/5760</skos:notation>
        <adms:schemeAgency>url</adms:schemeAgency>
      </adms:Identifier>
    </adms:identifier>
    <dct:isVersionOf rdf:resource="https://doi.org/10.20372/nadre:5759"/>
    <dct:isPartOf rdf:resource="https://nadre.ethernet.edu.et/communities/dbu"/>
    <dct:isPartOf rdf:resource="https://nadre.ethernet.edu.et/communities/zenodo"/>
    <dct:description>&lt;p&gt;Software-defined networking architectural framework eases the life of the network&lt;br&gt; administrators by isolating the data plane from the control plane. This facilitates&lt;br&gt; easy configuration of the network, provides a programmable interface for developing&lt;br&gt; applications related to management, security, logging etc. and the centralized logical&lt;br&gt; controller gives more control over the entire network, which has the total visibility&lt;br&gt; of the network.&lt;br&gt; These advantages of SDN also expose the network to the vulnerabilities and the&lt;br&gt; impact of the attacks are much severe when compared to conventional networks,&lt;br&gt; where the network devices in itself provided protection from the attacks and limits&lt;br&gt; the scope of the attacks.&lt;br&gt; In this paper, we explore various attacks that can be launched on SDN at different&lt;br&gt; layers. We also evaluate some of the existing security methods in mitigating the&lt;br&gt; attacks. We also explore a possible solution to prevent DDoS attacks using entropy.&lt;br&gt; A Distributed Denial of Service (DDoS) attack is a DoS attack utilizing multiple&lt;br&gt; distributed attack sources. Every network in the system has an entropy. Increase&lt;br&gt; in randomness causes decrease in entropy. To mitigate this threat, this project&lt;br&gt; proposes to use the central control of SDN for attack detection and introduces a&lt;br&gt; solution that is effective and lightweight in terms of the resources that it uses.&lt;br&gt; More precisely, this project shows how DDoS attacks can exhaust controller resources&lt;br&gt; and provides a solution to detect such attacks based on the entropy variation of&lt;br&gt; the destination IP address. Based on this value if it drops below threshold , we are&lt;br&gt; blocking the specific port in the switch and bring the port down. This method is able&lt;br&gt; to detect DDoS within the first five hundred packets of the attack traffic.&lt;/p&gt;</dct:description>
    <dct:accessRights rdf:resource="http://publications.europa.eu/resource/authority/access-right/PUBLIC"/>
    <dct:accessRights>
      <dct:RightsStatement rdf:about="info:eu-repo/semantics/openAccess">
        <rdfs:label>Open Access</rdfs:label>
      </dct:RightsStatement>
    </dct:accessRights>
    <dcat:distribution>
      <dcat:Distribution>
        <dct:rights>
          <dct:RightsStatement rdf:about="http://www.opendefinition.org/licenses/cc-by">
            <rdfs:label>Creative Commons Attribution</rdfs:label>
          </dct:RightsStatement>
        </dct:rights>
        <dcat:accessURL rdf:resource="https://doi.org/10.20372/nadre:5760"/>
      </dcat:Distribution>
    </dcat:distribution>
    <dcat:distribution>
      <dcat:Distribution>
        <dcat:accessURL rdf:resource="https://doi.org/10.20372/nadre:5760"/>
        <dcat:byteSize>647925</dcat:byteSize>
        <dcat:downloadURL rdf:resource="https://nadre.ethernet.edu.et/record/5760/files/f1042664640.pdf"/>
        <dcat:mediaType>application/pdf</dcat:mediaType>
      </dcat:Distribution>
    </dcat:distribution>
  </rdf:Description>
</rdf:RDF>