Title
An Entropy-Based Distributed DDoS Detection Mechanism in Software-Defined Networking
Abstract
Software-Defined Networking (SDN) and the OpenFlow (OF) protocol have brought a promising architecture for future networks. However, centralized control and programmability also bring many security challenges. The distributed denial-of-service (DDoS) attack is still a security threat to SDN. To detect DDoS attacks in SDN, many studies collect the flow tables from the switches and perform anomaly detection in the controller. But in a large-scale network, the collection process burdens the communication channel between the switches and the controller. Sampling can relieve this overhead, but it introduces a new tradeoff between sampling rate and detection accuracy. In this paper, we first extend the flow entry in the OpenFlow table with a copy of its packet-number counter. Based on the flow-based nature of SDN, we design a flow statistics process in the switch. Then, we propose an entropy-based lightweight DDoS flooding attack detection model that runs in the OF edge switch. This achieves distributed anomaly detection in SDN and reduces the flow-collection overhead on the controller. We also give the detailed algorithm, which has a small computational overhead and can be easily implemented in SDN software or programmable switches such as Open vSwitch and NetFPGA. The experimental results show that our detection mechanism can detect the attack quickly and achieve high detection accuracy with a low false positive rate.
Year: 2015
DOI: 10.1109/Trustcom-BigDataSe-ISPA.2015.389
Venue: TrustCom/BigDataSE/ISPA
Keywords: SDN, OpenFlow, DDoS, Entropy
Field: Anomaly detection, Control theory, Denial-of-service attack, Computer science, Computer security, Network packet, Computer network, Edge device, OpenFlow, Software-defined networking, NetFPGA
DocType: Conference
Volume: 1
Citations: 22
PageRank: 0.96
References: 22
Authors: 3
Name
Order
Citations
PageRank
Rui Wang1272.05
zhiping jia246360.64
Lei Ju326529.03