Name
Title | ||
|---|---|---|
Reducing the effects of DoS attacks in software defined networks using parallel flow installation |
Abstract | ||
|---|---|---|
Software defined networking (SDN) is becoming more and more popular due to its key features, such as monitoring, fine-grained control, flexibility and scalability. The centralized control of SDN makes it vulnerable to various types of attacks, e.g., flooding, spoofing, and denial of service (DoS). Among these attacks, DoS attack has the most severe impact because it degrades the performance of the SDN by overloading its different components, i.e., controller, switch, and control channel. This impact becomes more prominent in SDNs having fine-grained control over traffic for monitoring and management purposes, where large numbers of flow rules are installed. Existing approaches handle DoS attacks in SDN either by dropping malicious packets or by aggregating flow rules, resulting in a legitimate packet drop or loss of fine-grained control over network traffic. In this paper, a parallel flow installation approach is proposed to reduce the effects of DoS attacks, without losing the monitoring capability and fine-grained control over network traffic. The proposed approach installs flow rules in all switches along the path from the source to the destination on a single request from the source; resulting in a considerable reduction of control channel traffic and controller’s utilization. The proposed approach is evaluated by comparing it with the basic SDN controller. The simulation results show that the proposed approach increases the SDN performance in terms of CPU utilization, response time, flow requests, and control channel bandwidth. |
Year | DOI | Venue |
|---|---|---|
2019 | 10.1186/s13673-019-0176-7 | Human-centric Computing and Information Sciences |
Keywords | Field | DocType |
Software defined networking, Denial of service attacks, DoS mitigation, Fine-grained control, Parallel flow installation | Control channel,Data mining,Control theory,Spoofing attack,Denial-of-service attack,CPU time,Computer science,Network packet,Computer network,Software-defined networking,Scalability | Journal |
Volume | Issue | ISSN |
9 | 1 | 2192-1962 |
Citations | PageRank | References |
0 | 0.34 | 0 |
Authors | ||
6 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Muhammad Imran | 1 | 12 | 1.70 |
| Muhammad Hanif Durad | 2 | 13 | 2.07 |
| Farrukh Aslam Khan | 3 | 388 | 34.17 |
| Abdelouahid Derhab | 4 | 277 | 32.68 |
| DuradMuhammad Hanif | 5 | 0 | 0.34 |
| KhanFarrukh Aslam | 6 | 15 | 1.24 |