A Model-Driven Framework for the Prevention of DoS Attacks in Software Defined Networking (SDN)

Farooq, Muddassar; Rashid, Muhammad; Azam, Farooque; Rasheed, Yawar; Anwar, Muhammad Waseem; Shahid, Zohaib

doi:10.1109/syscon48628.2021.9447131

Cited by 3 publications

(4 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, the datasets with larger kurtosis tends to provide outliers, or heavy tails. The mathematical formula of kurtosis for univariate data such as Z 1 , Z 2 , … , Z M , is expressed in Equation (5).…”

Section: F I G U R E 2 Illustration Of Proposed Attack Detection Mode...mentioning

confidence: 99%

“…Recently, the SDN has concentrated more and the network management concept has offered an efficient network‐based distributed denial‐of‐service (DDoS) defense besides different way of DDoS attack 3,4 . The centralized SDN controller could influence more knowledge regarding its network, and the SDN architecture aids in detecting the DDoS attacks through various techniques like machine learning or traffic pattern analysis 5 . Moreover, the mitigation strategies are used by the SDN controller that includes redirecting legitimate traffic to a secure system or blocking the attacker's flow to the network switches via employing an updated security policy as it detects the DDoS attacks 6–8 .…”

Section: Introductionmentioning

confidence: 99%

“…3,4 The centralized SDN controller could influence more knowledge regarding its network, and the SDN architecture aids in detecting the DDoS attacks through various techniques like machine learning or traffic pattern analysis. 5 Moreover, the mitigation strategies are used by the SDN controller that includes redirecting legitimate traffic to a secure system or blocking the attacker's flow to the network switches via employing an updated security policy as it detects the DDoS attacks. [6][7][8] The control layer, the infrastructure layer, and the application layer are the three levels that typically make up the SDN architecture.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Optimized deep neural network based DDoS attack detection and bait mitigation process in software defined network

Perumal

Karmel

2023

Concurrency and Computation

View full text Add to dashboard Cite

The software-defined network (SDN) is a new network design with an operating system that allows better network quality control. The controller's primary role in an SDN network is to divide the control and forwarding planes in order to provide essential network power. The backup controller in an SDN may confront a variety of obstacles during a DDoS attack. It disrupts the flow of the network by attacking the service nodes hence obstructing the legitimate users from getting service. To overcome these issues, this work introduces a DDoS attack detection model that will aid in removing the attacker from the network. Initially, the input data is sent into the detection phase, which identifies the existence and kind of attacks. The presence of an attack is determined based on the data flow, and statistical features. With the reference of the extracted features, the optimized deep neural network (DNN) will decide the existence of attacker in the network. To make the decision more precise, the training of DNN will be carried out by self-improved moth flame optimization (SIMFO) Algorithm via tuning the optimal weights. Once an attacker's presence has been identified, it is critical to remove the attacker's node from the network.

show abstract

Section: F I G U R E 2 Illustration Of Proposed Attack Detection Mode...mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Optimized deep neural network based DDoS attack detection and bait mitigation process in software defined network

Perumal

Karmel

2023

Concurrency and Computation

View full text Add to dashboard Cite

show abstract

“…SDN carries the distinctive properties that allow the LDoS attackers to concentrate on mining these vulnerabilities [9]- [11], which constitutes a potential threat to the entire SDN [12] [13]. Currently, the corresponding detection technologies in SDN mainly face with the following problems.…”

Section: Introductionmentioning

confidence: 99%

CCS: A Cross-Plane Collaboration Strategy to Defend Against LDoS Attacks in SDN

Yue,

Yan,

et al. 2024

IEEE Trans. Netw. Serv. Manage.

View full text Add to dashboard Cite

Software-Defined Networking (SDN) actualizes the separation of control and forwarding, innovates network functionality with a logically centralized controller, and facilitates network-wide collaboration. Contemporary SDN infrastructure exposes potential bottlenecks which are prone to engaging low-rate denial of service (LDoS) attacks. Currently, a great deal of detection methods are deployed in the controller, and the controller needs to poll the switch frequently, which brings heavy load to the controller and the southbound link. According to the analysis of existing researches, we focused on the how to decrease the frequent polling of the controller and improve the detection rate. In this paper, we adopted the idea of cross-plane collaboration and proposed a two-phase detection framework, which carried out the lightweight detection method in the data plane and the in-depth detection based on Bayesian voting mechanism in the control plane. Once LDoS attacks are detected, the controller recalculates routes for the bottleneck nodes using the optimized Dijkstra algorithm to complete mitigation. Theoretical analyses and extensive experiments are conducted to validate the performance of our proposed method. Test results show that our method outperforms other traditional methods in terms of the detection rate of 99.1%, the detection delay of 1.3s and the communication overhead of 1068 Byte/s, the average CPU utilization of controller remains at approximately 3.5%. The proposed method takes a step forward to enhance the security of SDN.

show abstract

Exploring the Effectiveness and Trends of Domain-Specific Model Driven Engineering: A Systematic Literature Review (SLR)

Zafar,

Azam,

Latif

et al. 2024

IEEE Access

View full text Add to dashboard Cite

A Model-Driven Framework for the Prevention of DoS Attacks in Software Defined Networking (SDN)

Cited by 3 publications

References 25 publications

Optimized deep neural network based DDoS attack detection and bait mitigation process in software defined network

Optimized deep neural network based DDoS attack detection and bait mitigation process in software defined network

CCS: A Cross-Plane Collaboration Strategy to Defend Against LDoS Attacks in SDN

Exploring the Effectiveness and Trends of Domain-Specific Model Driven Engineering: A Systematic Literature Review (SLR)

Contact Info

Product

Resources

About