A role-based DDoS attack detection mechanism in SDN

13:21 09/11/2018

There is a transformation of the traditional network into Software Defined Networking (SDN) which is an outstanding developing area recently. Among the most exciting features of SDN are the remarkable control over network infrastructure and decoupling of control and data plane. Although it helps more flexible network management, SDN should be considered current and upcoming security threats associated with its deployment. One of them is the DDoS attack which is a malicious attempt to bring down networks, applications, or services by overwhelming these resources with too much data or impairing them in some other ways. In SDN, we can offer or change the network functions or behavior program by monitoring controller to realize DDoS attacks. This paper presents an approach of DDoS attack detection in SDN environment by utilizing the entropy metric with consideration of differences in host role profile to suspect under-attack state, we also deal with time factor in information collecting activities. Then, a statistical method is used for investigating flow information sent from OpenFlow switches to confirm the previous suspicion.

Penetration testing is one of the most common methods for assessing the security of a system, application, or network. Although there are different support tools with great efficiency in this field, penetration testing is done mostly manually and relies heavily on the experience of the ethical hackers who are doing...
Software-defined networking (SDN) is a potential approach for modern network architecture, which has received great attention recently. SDN-based networks also face security issues, and they can become targets of cyberattacks. Cyber threat hunting is one of the security solutions proposed for early attack detection in SDN. Developing machine learning-based IDS...