Experimental evaluation of the impact of DoS attacks in SDN

Alharbi, Talal; Layeghy, Siamak; Portmann, Marius

doi:10.1109/atnac.2017.8215424

Cited by 14 publications

(9 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The controller might also install a flow rule into the corresponding switches by sending a Flow_mod message after sending the Packet_out message to the switches that are along the path. 46 Flow_mod messages install flow rules into the switches.…”

Section: F I G U R E 2 Network Packet Processing In Sdnmentioning

confidence: 99%

ProtÉdge: A few‐shot ensemble learning approach to software‐defined networking‐assisted edge security

Demirpolat

Sarica

Angin

2020

Trans Emerging Tel Tech

View full text Add to dashboard Cite

The rise of the Internet of Things (IoT) paradigm has had a significant impact on our lives through many use cases including smart farming, smart homes, and smart healthcare among others. Due to the capacity-constrained nature of many IoT devices, edge computing has become a significant aid for IoT, replacing cloud computing to support the extremely low latency requirements. With the number of smart devices growing exponentially, the large attack surface created by these devices is concerning. Software-defined networking (SDN) based architectures come to the rescue of edge-assisted IoT environments to achieve enhanced security, and they strongly rely on intelligent decision-making capabilities to act upon the high volume of traffic they control. Machine learning-based intelligence is already utilized by these systems with successful results when abundant training data are available; however, most algorithms fail in the lack of sufficient training data. In this article, we propose ProtÉdge, an SDN-based intelligent security architecture for edge-assisted IoT networks, which utilizes a few-shot learning classifier, namely prototypical networks, for highly accurate detection of intrusions. We evaluate the performance of the proposed model with the Bot-IoT data set consisting of real-world IoT network flows, as well as an SDN data set modeling an edge-assisted IoT environment and the UNSW-NB15 data set, and show that the proposed model achieves significantly better performance than state-of-the-art models in the absence of large amounts of sample attacks. The proposed architecture is promising to achieve intelligent security in future's ubiquitous edge-enabled IoT with its low processing overhead and high intrusion detection accuracy.

show abstract

Section: F I G U R E 2 Network Packet Processing In Sdnmentioning

confidence: 99%

ProtÉdge: A few‐shot ensemble learning approach to software‐defined networking‐assisted edge security

Demirpolat

Sarica

Angin

2020

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…It is noteworthy that a great number of papers in the literature address the availability of resources by exploring Denial of Service (DoS) attacks in SDNs. Among them, we selected one study to represent this category in this review, [51]. A comprehensive review of Distributed DoS attacks on SDNs can be found in [52].…”

Section: Availability Threatsmentioning

confidence: 99%

“…In [51], the authors carry out an experimental evaluation of the impact of DoS attacks on SDNs by looking at two types of DoS attacks against the control and data planes. In the data plane, they examine two types of attacks aimed at exhausting both the resources of the SDN controller and switches.…”

Section: Availability Threatsmentioning

confidence: 99%

“…This section presents a data compilation of hardware and software used in the experiments of the analyzed studies. The experimental environments can OpenDayLight [40] Floodlight v0.9 [33] Floodlight e Beacon [28] Ryu [43] POX [34] Floodlight OperationCheckpoint [35] FloodLight, Beacon, Open-DayLight and HP VAN SDN Application containment mechanism with sandboxes over OpenDaylight Hydrogen [53] FloodLight, ONOS, Open-DayLight, Ryu and POX [44] POX [47] Floodlight v0.9 [36] OpenDayLight Helium [16] NOX, POX, Beacon, Floodlight, MuL, Maestro and Ryu [42] NOX, Beacon and Maestro [31] Floodlight, OpenDaylight, POX and Beacon Rosemary [32] Floodlight, OpenDaylight and ONOS [37] NOX 0.9.1 FortNOX [30] FloodLight LegoSDN (FloodLight) [46] POX [48] Ryu 3.24 security checksheet [50] POX 0.1.0 [39] FloodLight, Maestro, Open-Daylight and POX SPHINX [38] FloodLight Security Enforcement Kernel (SEK) [45] FloodLight, OpenIRIS, Open-DayLight, Beacon, Maestro, NOX, POX and Ryu TopoGuard (FloodLight) [29] FloodLight 1.2 [51] Ryu (version 3. be grouped into three categories : simulated environment (SE), physical environment (PE) and emulated environment (EE). Table 3 shows the classification of the environments, as described in each paper regarding the three categories .…”

Section: Experimental Environmentsmentioning

confidence: 99%

See 1 more Smart Citation

Experimental Security Analysis of Controller Software in SDNs: A Review

Ortiz¹,

Kimura²,

Ueyama³

et al. 2019

Preprint

View full text Add to dashboard Cite

The software defined networking paradigm relies on the programmability of the network to automatically perform management and reconfiguration tasks. The result of adopting this programmability feature is twofold: first by designing new solutions and, second, by concurrently making room for the exploitation of new security threats. As a malfunction in the controller software may lead to a collapse of the network, assessing the security of solutions before their deployment, is a major concern in SDNs. In light of this, we have conducted a comprehensive review of the literature on the experimental security analysis of the control plane in SDNs, with an emphasis on vulnerabilities of the controller software. Additionally, we have introduced a taxonomy of the techniques found in the literature with regard to the experimental security analysis of SDN controller software. Furthermore, a comparative study has been carried out of existing experimental approaches considering the security requirements defined by the Open Network Foundation (ONF). As a result, we highlighted that there is a need for a standardization of the methodologies employed for automated security analysis, that can meet the appropriate requirements, and support the development of reliable and secure software for SDNs.

show abstract

“…Um dos ataques mais comuns que historicamente tem causado grandes prejuízos e, como tal, é um dos mais temidos da área de segurança de rede é o ataque de negação de serviço (Denial of Service -DOS) [21]. O ataque do tipo DOS é executado tipicamente no contexto da Web e, por exemplo, pode impactar fortemente a operação e o desempenho de servidores web com um consequente efeito negativo do ponto de vista financeiro e do ponto de vista da percepção do negócio pelos seus clientes.…”

Section: Introductionunclassified

A Strategy for Detection and Mitigation of DoS Attacks on Software-Defined Networks

Pereira¹,

Martins²

2021

Preprint

View full text Add to dashboard Cite

Computer networks support applications in virtually every area of application and knowledge, and as such, they have widely distributed structures and are susceptible to security attacks in general.Software-Defined Networks (SDN), in turn, are a technological solution that has several advantages by separating the control plane from the data plane in the structuring of computer networks. Given this technological difference, software-defined networks are a network implementation paradigm used to mitigate network security attacks. In summary, the use of SDN to mitigate network attacks provides greater flexibility in implementing the attack strategy. However, the separation of control and data planes creates new points of vulnerability for the security of the network operation.The denial of service attack (DoS) of the type Syn-Flooding is one of the most common possible attacks. It can cause, concerning the network, the commitment to perform services and, concerning the operation of the SDN, the commitment in the bandwidth of the communication channel between the control planes and the data plane, the saturation of the ow table in the switch, and the increasing of the processing load in the controller.In general, the investigation about new strategies aimed at safety with SDN becomes necessary to improve security strategies for network attacks and maximize the reliability of SDN operation, allowing use in different application scenarios. This work presents a defense strategy against attacks of DoS Syn-Flooding using the SDN facilities of an integrated controller with an intrusion detection system (IDS).The proposed strategy aims to mitigate Syn-Flooding DoS attacks and the vulnerability arising from the use of SDN to mitigate attacks.

show abstract

Experimental evaluation of the impact of DoS attacks in SDN

Cited by 14 publications

References 14 publications

ProtÉdge: A few‐shot ensemble learning approach to software‐defined networking‐assisted edge security

ProtÉdge: A few‐shot ensemble learning approach to software‐defined networking‐assisted edge security

Experimental Security Analysis of Controller Software in SDNs: A Review

A Strategy for Detection and Mitigation of DoS Attacks on Software-Defined Networks

Contact Info

Product

Resources

About