Thesis Open Access

Internet Protocol (IP)-Based Distributed Denial of Server (DDoS) Attack Detection and Mitigation for Software Defined Networking (SDN) Controller

MULATU MEKONNEN

JSON Export

{
  "files": [
    {
      "links": {
        "self": "https://nadre.ethernet.edu.et/api/files/77b67002-dfea-4336-a50a-5449a458c001/f1042664640.pdf"
      }, 
      "checksum": "md5:d45cbd5fd89e1d88df48cadeabb670f7", 
      "bucket": "77b67002-dfea-4336-a50a-5449a458c001", 
      "key": "f1042664640.pdf", 
      "type": "pdf", 
      "size": 647925
    }
  ], 
  "owners": [
    11
  ], 
  "doi": "10.20372/nadre:5778", 
  "stats": {}, 
  "links": {
    "doi": "https://doi.org/10.20372/nadre:5778", 
    "conceptdoi": "https://doi.org/10.20372/nadre:5777", 
    "bucket": "https://nadre.ethernet.edu.et/api/files/77b67002-dfea-4336-a50a-5449a458c001", 
    "conceptbadge": "https://nadre.ethernet.edu.et/badge/doi/10.20372/nadre%3A5777.svg", 
    "html": "https://nadre.ethernet.edu.et/record/5778", 
    "latest_html": "https://nadre.ethernet.edu.et/record/5778", 
    "badge": "https://nadre.ethernet.edu.et/badge/doi/10.20372/nadre%3A5778.svg", 
    "latest": "https://nadre.ethernet.edu.et/api/records/5778"
  }, 
  "conceptdoi": "10.20372/nadre:5777", 
  "created": "2025-01-14T08:44:23.344088+00:00", 
  "updated": "2025-01-14T08:44:25.957935+00:00", 
  "conceptrecid": "5777", 
  "revision": 3, 
  "id": 5778, 
  "metadata": {
    "access_right_category": "success", 
    "doi": "10.20372/nadre:5778", 
    "description": "<p>Software-defined networking architectural framework eases the life of the network<br>\nadministrators by isolating the data plane from the control plane. This facilitates<br>\neasy configuration of the network, provides a programmable interface for developing<br>\napplications related to management, security, logging etc. and the centralized logical<br>\ncontroller gives more control over the entire network, which has the total visibility<br>\nof the network.<br>\nThese advantages of SDN also expose the network to the vulnerabilities and the<br>\nimpact of the attacks are much severe when compared to conventional networks,<br>\nwhere the network devices in itself provided protection from the attacks and limits<br>\nthe scope of the attacks.<br>\nIn this paper, we explore various attacks that can be launched on SDN at different<br>\nlayers. We also evaluate some of the existing security methods in mitigating the<br>\nattacks. We also explore a possible solution to prevent DDoS attacks using entropy.<br>\nA Distributed Denial of Service (DDoS) attack is a DoS attack utilizing multiple<br>\ndistributed attack sources. Every network in the system has an entropy. Increase<br>\nin randomness causes decrease in entropy. To mitigate this threat, this project<br>\nproposes to use the central control of SDN for attack detection and introduces a<br>\nsolution that is effective and lightweight in terms of the resources that it uses.<br>\nMore precisely, this project shows how DDoS attacks can exhaust controller resources<br>\nand provides a solution to detect such attacks based on the entropy variation of<br>\nthe destination IP address. Based on this value if it drops below threshold , we are<br>\nblocking the specific port in the switch and bring the port down. This method is able<br>\nto detect DDoS within the first five hundred packets of the attack traffic</p>", 
    "license": {
      "id": "cc-by"
    }, 
    "title": "Internet Protocol (IP)-Based Distributed Denial of Server (DDoS) Attack Detection and Mitigation for Software Defined Networking (SDN) Controller", 
    "relations": {
      "version": [
        {
          "count": 1, 
          "index": 0, 
          "parent": {
            "pid_type": "recid", 
            "pid_value": "5777"
          }, 
          "is_last": true, 
          "last_child": {
            "pid_type": "recid", 
            "pid_value": "5778"
          }
        }
      ]
    }, 
    "communities": [
      {
        "id": "dbu"
      }, 
      {
        "id": "zenodo"
      }
    ], 
    "publication_date": "2019-06-01", 
    "creators": [
      {
        "name": "MULATU MEKONNEN"
      }
    ], 
    "access_right": "open", 
    "resource_type": {
      "subtype": "thesis", 
      "type": "publication", 
      "title": "Thesis"
    }, 
    "related_identifiers": [
      {
        "scheme": "doi", 
        "identifier": "10.20372/nadre:5777", 
        "relation": "isVersionOf"
      }
    ]
  }
}
0
0
views
downloads
All versions This version
Views 00
Downloads 00
Data volume 0 Bytes0 Bytes
Unique views 00
Unique downloads 00
More info on how stats are collected.
Indexed in
Publication date:
June 1, 2019
DOI:
10.20372/nadre:5778

Zenodo DOI Badge

DOI 

10.20372/nadre:5778

Markdown 

[![DOI](https://nadre.ethernet.edu.et/badge/DOI/10.20372/nadre:5778.svg)](https://doi.org/10.20372/nadre:5778)

reStructedText 

.. image:: https://nadre.ethernet.edu.et/badge/DOI/10.20372/nadre:5778.svg
   :target: https://doi.org/10.20372/nadre:5778

HTML 

<a href="https://doi.org/10.20372/nadre:5778"><img src="https://nadre.ethernet.edu.et/badge/DOI/10.20372/nadre:5778.svg" alt="DOI"></a>

Image URL 

https://nadre.ethernet.edu.et/badge/DOI/10.20372/nadre:5778.svg

Target URL 

https://doi.org/10.20372/nadre:5778

Communities:
License (for files):
Creative Commons Attribution

Versions

Version 1 10.20372/nadre:5778 Jun 1, 2019
Cite all versions? You can cite all versions by using the DOI 10.20372/nadre:5777. This DOI represents all versions, and will always resolve to the latest one. Read more.

Share

Cite as

Export