Thesis Open Access
Internet Protocol (IP)-Based Distributed Denial of Server (DDoS) Attack Detection and Mitigation for Software Defined Networking (SDN) Controller
MULATU MEKONNEN
DCAT Export
<?xml version='1.0' encoding='utf-8'?>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:adms="http://www.w3.org/ns/adms#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dct="http://purl.org/dc/terms/" xmlns:dctype="http://purl.org/dc/dcmitype/" xmlns:dcat="http://www.w3.org/ns/dcat#" xmlns:duv="http://www.w3.org/ns/duv#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:frapo="http://purl.org/cerif/frapo/" xmlns:geo="http://www.w3.org/2003/01/geo/wgs84_pos#" xmlns:gsp="http://www.opengis.net/ont/geosparql#" xmlns:locn="http://www.w3.org/ns/locn#" xmlns:org="http://www.w3.org/ns/org#" xmlns:owl="http://www.w3.org/2002/07/owl#" xmlns:prov="http://www.w3.org/ns/prov#" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:schema="http://schema.org/" xmlns:skos="http://www.w3.org/2004/02/skos/core#" xmlns:vcard="http://www.w3.org/2006/vcard/ns#" xmlns:wdrs="http://www.w3.org/2007/05/powder-s#">
<rdf:Description rdf:about="https://doi.org/10.20372/nadre:5778">
<rdf:type rdf:resource="http://www.w3.org/ns/dcat#Dataset"/>
<dct:type rdf:resource="http://purl.org/dc/dcmitype/Text"/>
<dct:identifier rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI">https://doi.org/10.20372/nadre:5778</dct:identifier>
<foaf:page rdf:resource="https://doi.org/10.20372/nadre:5778"/>
<dct:creator>
<rdf:Description>
<rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
<foaf:name>MULATU MEKONNEN</foaf:name>
</rdf:Description>
</dct:creator>
<dct:title>Internet Protocol (IP)-Based Distributed Denial of Server (DDoS) Attack Detection and Mitigation for Software Defined Networking (SDN) Controller</dct:title>
<dct:publisher>
<foaf:Agent>
<foaf:name>Zenodo</foaf:name>
</foaf:Agent>
</dct:publisher>
<dct:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#gYear">2019</dct:issued>
<dct:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2019-06-01</dct:issued>
<owl:sameAs rdf:resource="https://nadre.ethernet.edu.et/record/5778"/>
<adms:identifier>
<adms:Identifier>
<skos:notation rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI">https://nadre.ethernet.edu.et/record/5778</skos:notation>
<adms:schemeAgency>url</adms:schemeAgency>
</adms:Identifier>
</adms:identifier>
<dct:isVersionOf rdf:resource="https://doi.org/10.20372/nadre:5777"/>
<dct:isPartOf rdf:resource="https://nadre.ethernet.edu.et/communities/dbu"/>
<dct:isPartOf rdf:resource="https://nadre.ethernet.edu.et/communities/zenodo"/>
<dct:description><p>Software-defined networking architectural framework eases the life of the network<br> administrators by isolating the data plane from the control plane. This facilitates<br> easy configuration of the network, provides a programmable interface for developing<br> applications related to management, security, logging etc. and the centralized logical<br> controller gives more control over the entire network, which has the total visibility<br> of the network.<br> These advantages of SDN also expose the network to the vulnerabilities and the<br> impact of the attacks are much severe when compared to conventional networks,<br> where the network devices in itself provided protection from the attacks and limits<br> the scope of the attacks.<br> In this paper, we explore various attacks that can be launched on SDN at different<br> layers. We also evaluate some of the existing security methods in mitigating the<br> attacks. We also explore a possible solution to prevent DDoS attacks using entropy.<br> A Distributed Denial of Service (DDoS) attack is a DoS attack utilizing multiple<br> distributed attack sources. Every network in the system has an entropy. Increase<br> in randomness causes decrease in entropy. To mitigate this threat, this project<br> proposes to use the central control of SDN for attack detection and introduces a<br> solution that is effective and lightweight in terms of the resources that it uses.<br> More precisely, this project shows how DDoS attacks can exhaust controller resources<br> and provides a solution to detect such attacks based on the entropy variation of<br> the destination IP address. Based on this value if it drops below threshold , we are<br> blocking the specific port in the switch and bring the port down. This method is able<br> to detect DDoS within the first five hundred packets of the attack traffic</p></dct:description>
<dct:accessRights rdf:resource="http://publications.europa.eu/resource/authority/access-right/PUBLIC"/>
<dct:accessRights>
<dct:RightsStatement rdf:about="info:eu-repo/semantics/openAccess">
<rdfs:label>Open Access</rdfs:label>
</dct:RightsStatement>
</dct:accessRights>
<dcat:distribution>
<dcat:Distribution>
<dct:rights>
<dct:RightsStatement rdf:about="http://www.opendefinition.org/licenses/cc-by">
<rdfs:label>Creative Commons Attribution</rdfs:label>
</dct:RightsStatement>
</dct:rights>
<dcat:accessURL rdf:resource="https://doi.org/10.20372/nadre:5778"/>
</dcat:Distribution>
</dcat:distribution>
<dcat:distribution>
<dcat:Distribution>
<dcat:accessURL rdf:resource="https://doi.org/10.20372/nadre:5778"/>
<dcat:byteSize>647925</dcat:byteSize>
<dcat:downloadURL rdf:resource="https://nadre.ethernet.edu.et/record/5778/files/f1042664640.pdf"/>
<dcat:mediaType>application/pdf</dcat:mediaType>
</dcat:Distribution>
</dcat:distribution>
</rdf:Description>
</rdf:RDF>
0
0
views
downloads
| All versions | This version | |
|---|---|---|
| Views | 0 | 0 |
| Downloads | 0 | 0 |
| Data volume | 0 Bytes | 0 Bytes |
| Unique views | 0 | 0 |
| Unique downloads | 0 | 0 |
Indexed in
- Publication date:
- June 1, 2019
- DOI:
-
- Communities:
- License (for files):
- Creative Commons Attribution