AN INTELLIGENT SOFTWARE DEFINED NETWORKING CONTROLLER COMPONENT TO DETECT AND MITIGATE DENIAL OF SERVICE ATTACKS

Author(s):  
Huseyin Polat ◽  
Onur Polat

Despite the many advantages of software-defined networking (SDN), such as manageability, scalability, and performance, it has inherent security threats. In particular, denial of service (DoS) attacks are a major threat to SDN: they overwhelm the controller's processing and communication capacity, and the flow tables of the switching devices are exhausted by the excess flow entries the controller installs in response to malicious packets. DoS attacks on the controller cause network performance to drop to a critical level. In this paper, a new SDN controller component is proposed to detect and mitigate DoS attacks at the SDN controller. The POX layer-3 controller component was used as the basis of a testbed handling PacketIn messages. For every packet arriving from a host, a counter keyed by the switch's device identifier and input port number is incremented to measure the packet rate. By comparing the rate of packets received by the controller against a configured threshold, malicious packets can be detected and mitigated easily. The developed controller component was tested in a Mininet environment, with the hping3 tool used to generate artificial DoS attacks. Using the enhanced controller component, DoS packets were prevented from reaching the controller, and thus the data plane (switching devices) was prevented from being filled with unwanted flows.
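
The counting scheme above, as an added example that is not the authors' POX component: a per-(DPID, in_port) sliding-window counter with a threshold, exercised on constructed traffic from one legitimate host and one hping3-style flooder. POX is not imported, so the block runs stand-alone; the threshold (100 PacketIns per second), the window length and the traffic rates are assumptions.

```python
"""Per-(DPID, in_port) PacketIn rate guard, an added illustration of the
threshold scheme described in the abstract.  It is not the authors' POX
component and does not import POX, so it runs stand-alone; the window
length, threshold and the simulated host/attacker traffic are assumptions."""
from collections import defaultdict, deque


class PacketInRateGuard:
    """Counts PacketIn events per (dpid, in_port) over a sliding time window.
    Once a port exceeds `threshold` events inside one window it is marked
    malicious and a drop rule for that port is recorded (in a real controller
    this is where a flow_mod with no actions would be sent to the switch)."""

    def __init__(self, threshold, window_s=1.0):
        self.threshold = threshold
        self.window_s = window_s
        self._arrivals = defaultdict(deque)  # (dpid, in_port) -> timestamps
        self.blocked = set()                 # ports with a drop rule installed
        self.drop_rules = []                 # (dpid, in_port) rules issued, in order

    def observe(self, dpid, in_port, now):
        """Handle one PacketIn arriving at time `now` (seconds).
        Returns 'drop'    if the port is already blocked,
                'block'   for the event that crosses the threshold,
                'forward' otherwise (normal controller processing)."""
        key = (dpid, in_port)
        if key in self.blocked:
            return "drop"
        q = self._arrivals[key]
        q.append(now)
        cutoff = now - self.window_s
        while q and q[0] <= cutoff:   # expire arrivals older than the window
            q.popleft()
        if len(q) > self.threshold:
            self.blocked.add(key)
            self.drop_rules.append(key)
            q.clear()
            return "block"
        return "forward"

    def rate(self, dpid, in_port):
        """Current number of PacketIns from this port inside the window."""
        return len(self._arrivals[(dpid, in_port)])


def simulate(guard, legit_pps=5, attack_pps=500, seconds=3):
    """Constructed traffic on switch dpid=1: a legitimate host on port 1 at
    `legit_pps` new flows per second and an hping3-style flood on port 2 at
    `attack_pps`.  Events are replayed in time order.  Returns the count of
    each decision per port."""
    events = [(i / legit_pps, 1) for i in range(legit_pps * seconds)]
    events += [(i / attack_pps, 2) for i in range(attack_pps * seconds)]
    counts = {1: defaultdict(int), 2: defaultdict(int)}
    for t, port in sorted(events):
        counts[port][guard.observe(dpid=1, in_port=port, now=t)] += 1
    return {port: dict(c) for port, c in counts.items()}


if __name__ == "__main__":
    g = PacketInRateGuard(threshold=100, window_s=1.0)
    print(simulate(g))
    print("blocked:", sorted(g.blocked))
```

In a POX component the same counter would be keyed by `event.dpid` and `event.port` inside the `_handle_PacketIn` handler, and the `block` step would send an `ofp_flow_mod` matching `in_port` with no actions (a drop rule). Two caveats a practitioner will want: a fixed threshold is a tuning problem, since a legitimate burst of new flows (a failover, a scanner run by the monitoring team) can trip it, and blocking by input port punishes every host behind that port, so the drop rule should carry an idle timeout so the port can recover once the flood stops.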

Author(s):  
Михаил Юрьевич Рытов ◽  
Руслан Юрьевич Калашников ◽  
Алексей Алексеевич Горелов

The concept of software-defined networking (SDN) is rapidly gaining popularity in the management of the network infrastructure of data centers and telecom operators. Its key capabilities include monitoring, fine-grained control, flexibility and scalability. At the same time, the centralized control of SDN makes it vulnerable to various types of attacks, such as spoofing and denial of service (DoS). DoS attacks have the most serious impact because they degrade network performance by overloading the components of the architecture: the controller, the switch, and the control channel. Existing approaches deal with DoS attacks in SDN either by dropping malicious packets or by aggregating flow rules, both of which lead to the loss of legitimate traffic. To mitigate the impact of DoS attacks, this article proposes a multi-level fair queuing mechanism that shares controller resources across several queue levels, which can dynamically expand and aggregate depending on network load. The proposed approach is evaluated by comparing it with a baseline SDN controller. Simulation results show that the proposed approach improves SDN performance in terms of control channel bandwidth utilization.
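
To show why fair queuing keeps legitimate traffic where dropping or a plain FIFO does not, here is an added example (not the authors' multi-level design, and simpler than it): one bounded queue per source, served round-robin by the controller, compared with a single FIFO under the same flood. The source names, rates, queue limit and controller budget are constructed assumptions.

```python
"""Per-source fair queuing of PacketIn messages against a single FIFO: an
added illustration of why fair queuing preserves legitimate traffic where a
plain FIFO (or dropping by threshold) does not.  This is the simplest
round-robin form, not the authors' multi-level queue.  Source names, rates,
queue limit and controller budget are constructed assumptions."""
from collections import defaultdict, deque


class FairPacketInScheduler:
    """One bounded queue per source (a (dpid, in_port) pair in practice).
    serve() hands the controller budget out round-robin over the non-empty
    queues, so a flooding source gets at most 1/N of the budget per round."""

    def __init__(self, queue_limit):
        self.queue_limit = queue_limit
        self.queues = {}                  # source -> deque of pending PacketIns
        self.dropped = defaultdict(int)   # overflow drops, charged per source

    def enqueue(self, src, pkt):
        q = self.queues.setdefault(src, deque())
        if len(q) >= self.queue_limit:
            self.dropped[src] += 1        # only the over-subscribed source loses
            return False
        q.append(pkt)
        return True

    def serve(self, budget):
        """Process up to `budget` PacketIns; returns served count per source."""
        served = defaultdict(int)
        while budget > 0:
            active = [s for s, q in self.queues.items() if q]
            if not active:
                break
            for s in active:
                if budget == 0:
                    break
                self.queues[s].popleft()
                served[s] += 1
                budget -= 1
        return dict(served)


def fifo_serve(arrivals, budget):
    """Baseline: a single FIFO in arrival order, the first `budget` events win."""
    served = defaultdict(int)
    for _t, src in arrivals[:budget]:
        served[src] += 1
    return dict(served)


def constructed_arrivals(legit_n=20, attack_n=2000):
    """Source A sends legit_n PacketIns and source B attack_n, both spread
    over the same one-second interval; returned in time order."""
    events = [(i / legit_n, "A") for i in range(legit_n)]
    events += [(i / attack_n, "B") for i in range(attack_n)]
    return sorted(events)


def compare(legit_n=20, attack_n=2000, budget=100, queue_limit=500):
    """Serve the same arrivals with a FIFO and with per-source fair queuing."""
    arrivals = constructed_arrivals(legit_n, attack_n)
    fifo = fifo_serve(arrivals, budget)
    sched = FairPacketInScheduler(queue_limit)
    for t, src in arrivals:
        sched.enqueue(src, t)
    fair = sched.serve(budget)
    return {"fifo": fifo, "fair": fair, "fair_dropped": dict(sched.dropped)}


if __name__ == "__main__":
    print(compare())
```

With the FIFO the flooder takes 99 of the 100 processing slots; with per-source round robin all 20 legitimate PacketIns are served and only the flooder's queue overflows. The cost is per-source state, which is itself a resource an attacker can exhaust by spoofing many sources, so the number of queues has to be bounded as well as their length.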


2021 ◽  
Author(s):  
Khushal Singh ◽  
Nanhay Singh

Abstract The Internet of Things (IoT) is a domain of intense research interest, driven by the exponential growth of the technology. Security in IoT is a prime concern, which highlights the need for authentication to counter attackers. Authentication is the process that uniquely identifies the incoming user; this paper develops an authentication protocol based on Chebyshev polynomials, a hash function, a session password, and encryption. The proposed protocol is named Elliptic, Chebyshev, Session password, and Hash function (ECSH)-based multilevel authentication. Authenticating an incoming user proceeds in two phases, registration and authentication. In the registration phase, the user is registered with the server and the Authentication Center (AC); authentication then follows as an eight-step procedure. Authentication is based on the scale factor of the user and server, the session password, and verification messages. Authentication at the eight levels provides security against various types of attacks and yields secure communication in IoT with minimal communication overhead and packet loss. The performance of the method is analyzed under black-hole and Denial-of-Service (DoS) attacks with 50 and 100 nodes in a simulation environment. The proposed ECSH-based multilevel authentication achieved the maximal detection rate, PDR, and QoS of 15.2%, 35.7895%, and 26.4623%, respectively, in the presence of 50 nodes and DoS attacks, and the minimal delay of 135.922 ms in the presence of 100 nodes and DoS attacks.


2011 ◽  
pp. 1364-1378
Author(s):  
Aikaterini Mitrokotsa ◽  
Christos Douligeris

The use of electronic technologies in government services has played a significant role in making citizens' lives more convenient. Even though the transition to digital governance has great advantages for the quality of government services, it may be accompanied by many security threats. One of the major threats, and one of the hardest security problems e-Government faces, is Denial of Service (DoS) attacks. DoS attacks have already taken some of the most popular e-government sites off-line for several hours, causing enormous losses and repair costs. In this chapter, important incidents of DoS attacks and results from surveys that indicate the seriousness of the problem are presented. In order to limit the problem of DoS attacks in government organisations, we also present a list of best practices that can be used to combat the problem, together with a classification of attacks and defense mechanisms.



Information ◽  
2019 ◽  
Vol 10 (3) ◽  
pp. 106 ◽  
Author(s):  
Pedro Manso ◽  
José Moura ◽  
Carlos Serrão

The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of the Internet of Things (IoT), as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that try to exploit those security weaknesses. We design and implement a Software-Defined Intrusion Detection System (IDS) that reactively impairs the attacks at their origin, ensuring the "normal operation" of the network infrastructure. Our proposal includes an IDS that automatically detects several DDoS attacks and, as soon as an attack is detected, notifies a Software Defined Networking (SDN) controller. The proposal also pushes suitable traffic forwarding decisions from the SDN controller down to the network devices. The evaluation results suggest that our proposal detects several types of DDoS-based cyber-attacks in a timely manner, mitigates their negative impact on network performance, and ensures the correct delivery of normal traffic. Our work sheds light on the relevance of programming over an abstracted view of the network infrastructure to detect a botnet's activity in time, mitigate malicious traffic at its source, and protect benign traffic.


2021 ◽  
Vol 12 (1) ◽  
pp. 370
Author(s):  
Cong Fan ◽  
Nitheesh Murugan Kaliyamurthy ◽  
Shi Chen ◽  
He Jiang ◽  
Yiwen Zhou ◽  
...  

Software-Defined Networking (SDN) has become one of the most widely deployed network architectures in recent years. With the substantial increase in the number of Internet users, network security threats appear more frequently, which raises more concerns for SDN. Distributed denial of service (DDoS) attacks are among the most dangerous and frequent attacks in software-defined networks. The traditional entropy-based detection method has defects such as slow detection and poor detection effect. To address this, this paper proposes a fusion-entropy method, which detects attacks by measuring the randomness of network events. The method combines information entropy and log energy entropy, exploiting their complementarity, and offers fast detection and a pronounced decrease in the entropy value under attack. The experimental results show that the entropy value in attack scenarios is 91.25% lower than in normal scenarios, which is a greater advantage compared with other attack detection methods.
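
As an added, stand-alone example of the traditional Shannon-entropy detector the abstract takes as its baseline (the authors' fused information/log-energy metric is not reproduced here): the entropy of the destination addresses in fixed-size windows of PacketIn messages, where a flood towards one victim concentrates the distribution and pulls the entropy down. The window size, the threshold and the two traffic windows are constructed assumptions.

```python
"""Entropy-based DDoS detection over PacketIn destination addresses, added
here as a stand-alone illustration of the traditional Shannon-entropy
detector the abstract uses as its baseline.  It does not reproduce the
authors' fused information/log-energy entropy metric.  The window size,
threshold and the two traffic windows are constructed assumptions."""
import math
from collections import Counter


def shannon_entropy(symbols):
    """Shannon entropy in bits of the empirical distribution of `symbols`."""
    n = len(symbols)
    if n == 0:
        return 0.0
    return -sum((c / n) * math.log2(c / n) for c in Counter(symbols).values())


class EntropyDetector:
    """Collects destination IPs of consecutive PacketIn messages into fixed-size
    windows and flags a window whose entropy falls below `threshold` bits.
    A flood towards one victim concentrates the distribution, so entropy drops."""

    def __init__(self, window, threshold):
        self.window = window
        self.threshold = threshold
        self._buf = []
        self.history = []   # (entropy, is_attack) per completed window

    def feed(self, dst_ip):
        """Returns None until a window completes, then (entropy, is_attack)."""
        self._buf.append(dst_ip)
        if len(self._buf) < self.window:
            return None
        h = shannon_entropy(self._buf)
        self._buf = []
        result = (h, h < self.threshold)
        self.history.append(result)
        return result


def normal_window(n=100, hosts=20):
    """Constructed benign traffic: new flows spread evenly over `hosts` destinations."""
    return [f"10.0.0.{(i % hosts) + 1}" for i in range(n)]


def attack_window(n=100, victim="10.0.0.1", attack_share=0.9, other_hosts=10):
    """Constructed flood: `attack_share` of the window targets one victim,
    the remainder is spread over `other_hosts` other destinations."""
    k = int(n * attack_share)
    pkts = [victim] * k
    pkts += [f"10.0.0.{(i % other_hosts) + 2}" for i in range(n - k)]
    return pkts


def run(detector, dst_ips):
    """Feed a packet trace; return the list of (entropy, is_attack) per window."""
    out = []
    for ip in dst_ips:
        r = detector.feed(ip)
        if r is not None:
            out.append(r)
    return out


def drop_ratio(h_normal, h_attack):
    """Relative entropy drop between a normal and an attack window."""
    return 1.0 - h_attack / h_normal


if __name__ == "__main__":
    det = EntropyDetector(window=100, threshold=2.0)
    res = run(det, normal_window() + attack_window())
    for h, flag in res:
        print(f"H = {h:.3f} bits  attack={flag}")
    print(f"drop = {100 * drop_ratio(res[0][0], res[1][0]):.1f}%")
```

The threshold has to come from a baseline of the network's own traffic, and a window that is too short makes the estimate noisy while one that is too long delays detection. An attacker who spreads the flood over many spoofed destinations keeps the entropy high, which is a known limitation of a single-metric entropy detector.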


2016 ◽  
Vol 2016 ◽  
pp. 1-16 ◽  
Author(s):  
Iman Almomani ◽  
Bassam Al-Kasasbeh ◽  
Mousa AL-Akhras

Wireless Sensor Networks (WSN) have become one of the hottest research areas in computer science due to their wide range of applications, including critical military and civilian applications. Such applications have created various security threats, especially in unattended environments. To ensure the security and dependability of WSN services, an Intrusion Detection System (IDS) should be in place. This IDS has to be compatible with the characteristics of WSNs and capable of detecting the largest possible number of security threats. In this paper a specialized dataset for WSN is developed to help better detect and classify four types of Denial of Service (DoS) attacks: Blackhole, Grayhole, Flooding, and Scheduling attacks. The paper considers the LEACH protocol, one of the most popular hierarchical routing protocols in WSNs. A scheme was defined to collect data from Network Simulator 2 (NS-2), which was then processed to produce 23 features. The collected dataset is called WSN-DS. An Artificial Neural Network (ANN) was trained on the dataset to detect and classify the different DoS attacks. The results show that WSN-DS improved the ability of the IDS to achieve a higher classification accuracy rate. The WEKA toolbox was used with holdout and 10-fold cross-validation; the best results were achieved with 10-fold cross-validation and one hidden layer. The classification accuracies were 92.8%, 99.4%, 92.2%, 75.6%, and 99.8% for Blackhole, Flooding, Scheduling, and Grayhole attacks, and for the normal case (without attacks), respectively.


Sensors ◽  
2021 ◽  
Vol 21 (10) ◽  
pp. 3477
Author(s):  
Jan Rozhon ◽  
Filip Rezac ◽  
Jakub Jalowiczor ◽  
Ladislav Behan

With the increasing number of Software-Defined Networking (SDN) installations, the data centers of large service providers are becoming more and more agile in terms of network performance, efficiency and flexibility. While SDN is an active and obvious trend in modern data center design, the implications and possibilities it carries for effective and efficient network management are not yet fully explored and utilized. With most modern Internet traffic consisting of multimedia services and media-rich content sharing, the quality of multimedia communications is at the center of attention of many companies and research groups. Since SDN-enabled switches inherently keep per-flow statistics in terms of packets and bytes transmitted or lost, these devices can be used to monitor the essential statistics of multimedia communications, allowing the provider to act when the network fails to deliver the required service quality. The internal packet processing in the SDN switch enables the SDN controller to fetch the statistics of a particular packet flow using PacketIn and Multipart messages. This information, if preprocessed properly, can be used to estimate a higher-layer interpretation of link quality and thus to relate the provided quality of service (QoS) to the quality of user experience (QoE). This article discusses an experimental setup that can be used to estimate the quality of speech communication from the information provided by the SDN controller. To achieve higher accuracy, latency characteristics are added by exploiting dummy-packet injection into the packet stream and/or RTCP packet analysis.
The results of the experiment show that this approach computes the statistics of each individual RTP stream, giving a method for dynamic measurement of speech quality: when quality decreases, it is possible to respond quickly by changing routing at the network level for each individual call. To improve the quality of the call measurements, a Convolutional Neural Network (CNN) was also implemented. This model is based on two standard approaches to measuring speech quality, PESQ and the E-model. However, unlike PESQ/POLQA, the CNN-based model can take delay into account, and unlike the E-model, its accuracy is much higher.
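
An added example, not the authors' code, of the last step the abstract describes: taking packet counters from flow-stats replies on the ingress and egress switches of an RTP stream, deriving loss from the counter deltas, combining it with a delay measured from RTCP (or dummy-packet round trips), and mapping both to an E-model R-factor and MOS. It uses the simplified E-model of Cole and Rosenbluth (2001) with G.711 parameters (Ie = 0, Bpl = 4.3 from ITU-T G.113 Appendix I); the flow-stats samples and the delay value are constructed.

```python
"""Estimating speech quality (E-model R-factor and MOS) from SDN flow
statistics.  This is an added illustration of the approach the abstract
describes, not the authors' code.  It uses the simplified E-model of
Cole and Rosenbluth (2001) with G.711 parameters (Ie = 0, Bpl = 4.3,
ITU-T G.113 Appendix I); the flow-stats samples and the RTCP-derived
delay are constructed inputs."""
from dataclasses import dataclass


@dataclass
class FlowStats:
    """The fields of an OpenFlow flow-stats reply (OFPMP_FLOW) that matter
    here, for the RTP 5-tuple of one call, sampled on one switch."""
    dpid: int
    packet_count: int
    byte_count: int


def packet_loss_pct(ingress_prev, ingress_now, egress_prev, egress_now):
    """Loss between the ingress switch (sender side) and the egress switch
    (receiver side) over one sampling interval, from the counter deltas."""
    sent = ingress_now.packet_count - ingress_prev.packet_count
    received = egress_now.packet_count - egress_prev.packet_count
    if sent <= 0:
        return 0.0
    return max(0.0, 100.0 * (sent - received) / sent)


def delay_impairment(d_ms):
    """Id: one-way mouth-to-ear delay impairment (Cole & Rosenbluth)."""
    return 0.024 * d_ms + (0.11 * (d_ms - 177.3) if d_ms > 177.3 else 0.0)


def equipment_impairment(ppl, ie=0.0, bpl=4.3):
    """Ie,eff: codec impairment raised by random packet loss ppl (percent)."""
    return ie + (95.0 - ie) * ppl / (ppl + bpl)


def r_factor(delay_ms, ppl, ie=0.0, bpl=4.3):
    """Transmission rating R for the default E-model inputs (R0 - Is = 93.2)."""
    return 93.2 - delay_impairment(delay_ms) - equipment_impairment(ppl, ie, bpl)


def mos(r):
    """Map R to MOS (1.0 to 4.5) per ITU-T G.107."""
    if r < 0:
        return 1.0
    if r > 100:
        return 4.5
    return 1.0 + 0.035 * r + r * (r - 60.0) * (100.0 - r) * 7e-6


def assess_call(ingress_prev, ingress_now, egress_prev, egress_now, delay_ms):
    """One assessment cycle: loss from flow counters, delay from RTCP (or half
    the dummy-packet round trip the abstract mentions), then R and MOS."""
    ppl = packet_loss_pct(ingress_prev, ingress_now, egress_prev, egress_now)
    r = r_factor(delay_ms, ppl)
    return {"loss_pct": ppl, "delay_ms": delay_ms, "R": r, "MOS": mos(r)}


def constructed_samples():
    """Two consecutive flow-stats samples on the ingress switch (dpid 1) and
    the egress switch (dpid 3) for one RTP stream: 1000 packets sent, 980
    received in the interval, i.e. 2 % loss.  200-byte RTP packets assumed."""
    s1_prev = FlowStats(1, 5000, 5000 * 200)
    s1_now = FlowStats(1, 6000, 6000 * 200)
    s3_prev = FlowStats(3, 4900, 4900 * 200)
    s3_now = FlowStats(3, 5880, 5880 * 200)
    return s1_prev, s1_now, s3_prev, s3_now


if __name__ == "__main__":
    print(assess_call(*constructed_samples(), delay_ms=150.0))
```

The loss figure is only as good as the sampling: both switches must be polled at the same instant, or the deltas aligned on RTP sequence numbers, otherwise counter skew shows up as phantom loss. The simplified E-model also assumes random loss, so bursty loss is underestimated, which is one reason a learned model can beat it.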


2021 ◽  
Author(s):  
Selvakumar Veluchamy ◽  
RubaSoundar Kathavarayan

Abstract A honeypot is a network environment used to protect legitimate network resources from attacks. It creates an environment that lures attackers into directing their activities at it in an attempt to steal resources, and attacks are detected by observing them with attack detection procedures. In this work, Denial of Service (DoS) attacks are effectively detected by the proposed honeypot system. Machine Learning (ML) and Deep Learning (DL) methods are being adopted in many areas to build intelligent decision-making systems. This work uses DL approaches and secure event-validation procedures for predicting DoS attacks. The proposed system, called Deep Adaptive Reinforcement Learning for Honeypots (DARLH), is implemented to monitor internal and external DoS attacks. In the honeypot environment, DARLH deploys DARL-based IDS (Intrusion Detection System) agents and Deep Recurrent Neural Network (DRNN)-based IDS agents for monitoring multiple DoS attacks at runtime. These techniques support a dynamic IDS against DoS attacks. In addition, DARLH creates a protected poison distribution and a server-side supervision system to keep the monitored events legitimate. The work is implemented and its performance evaluated. The results are compared with existing systems such as GNBH, BCH and RNSG; in this comparison, the proposed system provides 5–10% better results than the other systems.

