Thesis Open Access

# Internet Protocol (IP)-Based Distributed Denial of Server (DDoS) Attack Detection and Mitigation for Software Defined Networking (SDN) Controller

MULATU, MEKONNEN

### JSON Export

{
"conceptrecid": "6269",
"created": "2020-05-18T08:15:49.803223+00:00",
"files": [
{
"bucket": "9f2b6e57-e9b0-4b3d-b1cf-b19799453b7d",
"key": "MulatuMekonnenCNSThesis.pdf",
},
"size": 1717058,
"type": "pdf"
}
],
"id": 6270,
},
"access_right": "open",
"access_right_category": "success",
"communities": [
{
"id": "dbu"
},
{
}
],
"creators": [
{
"name": "MULATU, MEKONNEN"
}
],
"description": "<p>Software-defined networking architectural framework eases the life of the network administrators by isolating the data plane from the control plane. This facilitates easyconfigurationofthenetwork,providesaprogrammableinterfacefordeveloping applicationsrelatedtomanagement,security,loggingetc. andthecentralizedlogical controller gives more control over the entire network, which has the total visibility of the network. These advantages of SDN also expose the network to the vulnerabilities and the impact of the attacks are much severe when compared to conventional networks, where the network devices in itself provided protection from the attacks and limits the scope of the attacks. In this paper, we explore various attacks that can be launched on SDN at different layers. We also evaluate some of the existing security methods in mitigating the attacks. We also explore a possible solution to prevent DDoS attacks using entropy. A Distributed Denial of Service (DDoS) attack is a DoS attack utilizing multiple distributed attack sources. Every network in the system has an entropy. Increase in randomness causes decrease in entropy. To mitigate this threat, this project proposes to use the central control of SDN for attack detection and introduces a solution that is effective and lightweight in terms of the resources that it uses. Moreprecisely,thisprojectshowshowDDoSattackscanexhaustcontrollerresources and provides a solution to detect such attacks based on the entropy variation of the destination IP address. Based on this value if it drops below threshold , we are blocking the specific port in the switch and bring the port down. This method is able to detect DDoS within the first five hundred packets of the attack traffic.</p>",
"id": "cc-by"
},
"publication_date": "2019-07-01",
"related_identifiers": [
{
"identifier": "978-963-313-151-0",
"relation": "isPartOf",
"scheme": "isbn"
},
{
"relation": "isVersionOf",
"scheme": "doi"
}
],
"relations": {
"version": [
{
"count": 1,
"index": 0,
"is_last": true,
"last_child": {
"pid_type": "recid",
"pid_value": "6270"
},
"parent": {
"pid_type": "recid",
"pid_value": "6269"
}
}
]
},
"resource_type": {
"subtype": "thesis",
"title": "Thesis",
"type": "publication"
},
"title": "Internet Protocol (IP)-Based Distributed Denial of Server (DDoS) Attack Detection and Mitigation for Software Defined Networking (SDN) Controller"
},
"owners": [
6
],
"revision": 3,
"stats": {
"unique_views": 49.0,
"version_unique_views": 49.0,
"version_views": 79.0,
"version_volume": 53228798.0,
"views": 79.0,
"volume": 53228798.0
},
"updated": "2020-05-18T16:01:05.354032+00:00"
}
79
31
views