AFault Tolerant Multi-Controller Framework for SDN DDoS Attacks Detection
Network communication shows a variety of issues with the fast expansion of computer devices, ranging from network administration to traffic engineering. A well-known method for improving these connections is Software-Defined Networking (SDN). The SDN is a networking architecture that separates the c...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
University of science and culture
2022-01-01
|
| Series: | International Journal of Web Research |
| Subjects: | |
| Online Access: | https://ijwr.usc.ac.ir/article_154302_05a10669c3c91aa577091f782f730800.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841559952371482624 |
|---|---|
| author | Parisa Valizadeh Ahmad Taghinezhad-Niar |
| author_facet | Parisa Valizadeh Ahmad Taghinezhad-Niar |
| author_sort | Parisa Valizadeh |
| collection | DOAJ |
| description | Network communication shows a variety of issues with the fast expansion of computer devices, ranging from network administration to traffic engineering. A well-known method for improving these connections is Software-Defined Networking (SDN). The SDN is a networking architecture that separates the control plane from the data plane to ease network administration. The main advantage of the SDN is the central controller. However, it has security flaws like unreachability in Distributed Denial-of-Service attacks (DDoS). Hence, defending SDN against DDoS attacks is critical. We proposed a framework for detecting DDoS attacks and a fault-tolerant method to replace faulty leader controller in distributed multi-controller SDN. We used multi-controllers architecture and leader election algorithm to present a fault-tolerant framework to select a new leader controller, in the case of a leader controller failure. In addition, an early DDoS attack detection algorithm using the entropy of destination IP addresses and the packet window initiation rate is presented. To evaluate our proposed method in various configurations, we simulated exhaustive experiments in Mininet and Floodlight. The results show that our approach outperforms similar algorithms in various network configurations and multi-victim attacks. |
| format | Article |
| id | doaj-art-a0c0865cb1a34e5c86758372326774d3 |
| institution | Kabale University |
| issn | 2645-4343 |
| language | English |
| publishDate | 2022-01-01 |
| publisher | University of science and culture |
| record_format | Article |
| series | International Journal of Web Research |
| spelling | doaj-art-a0c0865cb1a34e5c86758372326774d32025-01-05T11:27:51ZengUniversity of science and cultureInternational Journal of Web Research2645-43432022-01-01511710.22133/ijwr.2022.345927.1119AFault Tolerant Multi-Controller Framework for SDN DDoS Attacks DetectionParisa Valizadeh0Ahmad Taghinezhad-Niar1https://orcid.org/0000-0003-2353-9335Ph.D. Candidate, Computer Engineering, Faculty Engineering, Ferdowsi University of Mashhad, IranFaculty of Electrical and Computer Engineering, University of Tabriz, Tabriz, IranNetwork communication shows a variety of issues with the fast expansion of computer devices, ranging from network administration to traffic engineering. A well-known method for improving these connections is Software-Defined Networking (SDN). The SDN is a networking architecture that separates the control plane from the data plane to ease network administration. The main advantage of the SDN is the central controller. However, it has security flaws like unreachability in Distributed Denial-of-Service attacks (DDoS). Hence, defending SDN against DDoS attacks is critical. We proposed a framework for detecting DDoS attacks and a fault-tolerant method to replace faulty leader controller in distributed multi-controller SDN. We used multi-controllers architecture and leader election algorithm to present a fault-tolerant framework to select a new leader controller, in the case of a leader controller failure. In addition, an early DDoS attack detection algorithm using the entropy of destination IP addresses and the packet window initiation rate is presented. To evaluate our proposed method in various configurations, we simulated exhaustive experiments in Mininet and Floodlight. The results show that our approach outperforms similar algorithms in various network configurations and multi-victim attacks.https://ijwr.usc.ac.ir/article_154302_05a10669c3c91aa577091f782f730800.pdffault-tolerantddosmulti victims attackcontrol plane securitsdn |
| spellingShingle | Parisa Valizadeh Ahmad Taghinezhad-Niar AFault Tolerant Multi-Controller Framework for SDN DDoS Attacks Detection International Journal of Web Research fault-tolerant ddos multi victims attack control plane securit sdn |
| title | AFault Tolerant Multi-Controller Framework for SDN DDoS Attacks Detection |
| title_full | AFault Tolerant Multi-Controller Framework for SDN DDoS Attacks Detection |
| title_fullStr | AFault Tolerant Multi-Controller Framework for SDN DDoS Attacks Detection |
| title_full_unstemmed | AFault Tolerant Multi-Controller Framework for SDN DDoS Attacks Detection |
| title_short | AFault Tolerant Multi-Controller Framework for SDN DDoS Attacks Detection |
| title_sort | afault tolerant multi controller framework for sdn ddos attacks detection |
| topic | fault-tolerant ddos multi victims attack control plane securit sdn |
| url | https://ijwr.usc.ac.ir/article_154302_05a10669c3c91aa577091f782f730800.pdf |
| work_keys_str_mv | AT parisavalizadeh afaulttolerantmulticontrollerframeworkforsdnddosattacksdetection AT ahmadtaghinezhadniar afaulttolerantmulticontrollerframeworkforsdnddosattacksdetection |