A Novel DDoS Attack-aware Smart Backup Controller Placement in SDN Design

2020, Vol 4 (5), pp. 75-92
Author(s):
Muhammad Reazul Haque, Saw Chin Tan, Zulfadzli Yusoff, Kashif Nisar, Ching Kwang Lee, ...

Security issues like Distributed Denial of Service (DDoS) attacks are becoming the main threat for Software-Defined Networking (SDN). Controller placement is a fundamental factor in the design and planning of SDN infrastructure. The controller could be seen as a single dot of failure for the whole SDN and it's the alluring point for a DDoS attack. Single controller placement implies a single point of SDN control. So, there is a very high chance to fail the entire network topology as the controller is associated with all switches. As a result, legitimate clients won't have the capacity to use SDN services. This is the reason why the controller is the suitable center dot of attack for the aggressor. To protect SDN from this type of single purpose of failure, it is essential to place multiple smart backup controllers to guarantee the SDN operation. In this paper, we propose a novel Integer Linear Programming (ILP) model to optimize the security issue by placing a powerful smart backup controller. Results obtained from the simulation show that our proposed novel ILP model can suggest single or multiple smart backup controller placement to support several ordinary victim controllers which has the capacity to save the cost of multiple ordinary controllers by sharing link, maximum new flows per second of controller and port, etc.

Technologies, 2021, Vol 9 (1), pp. 14
Author(s):
James Dzisi Gadze, Akua Acheampomaa Bamfo-Asante, Justice Owusu Agyemang, Henry Nunoo-Mensah, Kwasi Adu-Boahen Opare

Software-Defined Networking (SDN) is a new paradigm that revolutionizes the idea of a software-driven network through the separation of control and data planes. It addresses the problems of traditional network architecture. Nevertheless, this brilliant architecture is exposed to several security threats, e.g., the distributed denial of service (DDoS) attack, which is hard to contain in such software-based networks. The concept of a centralized controller in SDN makes it a single point of attack as well as a single point of failure. In this paper, deep learning-based models, long short-term memory (LSTM) and convolutional neural network (CNN), are investigated. It illustrates their possibility and efficiency in being used in detecting and mitigating DDoS attacks. The paper focuses on TCP, UDP, and ICMP flood attacks that target the controller. The performance of the models was evaluated based on the accuracy, recall, and true negative rate. We compared the performance of the deep learning models with classical machine learning models. We further provide details on the time taken to detect and mitigate the attack. Our results show that RNN LSTM is a viable deep learning algorithm that can be applied in the detection and mitigation of DDoS in the SDN controller. Our proposed model produced an accuracy of 89.63%, which outperformed linear-based models such as SVM (86.85%) and Naive Bayes (82.61%). Although KNN, which is a linear-based model, outperformed our proposed model (achieving an accuracy of 99.4%), our proposed model provides a good trade-off between precision and recall, which makes it suitable for DDoS classification. In addition, it was realized that the split ratio of the training and testing datasets can give different results in the performance of a deep learning algorithm used in a specific work. The model achieved the best performance when a split of 70/30 was used in comparison to 80/20 and 60/40 split ratios.


Author(s):  
Satvir Kaur, Gureshpal Singh, Baljinder Singh

One of the most terrible denial of service attacks is the cloning attack of the node, where the attacker captures the node, extracts its secret information, creates replicas and enters them in the network field for other malevolent behavior. To detect and mitigate this attack, several static-based detection schemes have been proposed. The detection algorithm based on the node location speed was proposed to detect the attack of node clones in the wireless network. This algorithm reduces the costs of communication, routing, and overloading the entire network, and improves network performance.


Author(s):  
Sugandhi Midha et al.

The exponential growth of network users has led to poor management of networks that use the traditional networking approach. Traditional networking approaches have become an overhead in terms of flexibility, innovations, complexity, and programmability among the network. SDN guarantees a holistic approach to network flexibility and programmability. Network visibility in SDN gives scope for rapid innovation. SDN being a new paradigm, less work has been done towards security. Security is one of the biggest concerns in SDN. Separation of control and data plane in SDN has led to the emergence of Denial of Service (DoS) attack. The centralized controller in SDN makes it the best target for attackers and acts as a single point of failure. Attacks on the SDN controller can bring the entire network down. This paper presents an approach to monitor traffic and we propose a novel method to mitigate these anomalies and attacks in the network. We believe that the DoS attack can be toned down using this new technique.


TEM Journal, 2020, pp. 899-906

One of the most notorious security issues in the IoT is the Distributed Denial of Service (DDoS) attack. Using a large number of agents, a DDoS attack floods the host server with a huge number of requests, interrupting and blocking legitimate user requests. This paper proposes a detection and prevention algorithm for DDoS attacks. It is divided into two parts, one for detecting the DDoS attack in the IoT end devices and the other for mitigating the impact of the attack placed on the border router. Also, it has the ability to differentiate the High-rate from the Low-rate DDoS attack accurately and defend against these two types of attacks. It is implemented and tested against different scenarios to dissect their efficiency in detecting and mitigating the DDoS attack.


Author(s):
Gopal Singh Kushwah, Virender Ranga

Cloud computing has now become a part of many businesses. It provides on-demand resources to its users based on pay-as-you-use policy, across the globe. The high availability feature of this technology is affected by distributed denial of service (DDoS) attack, which is a major security issue. In this attack, cloud or network resources are exhausted, resulting in a denial of service for legitimate users. In this chapter, a classification of various types of DDoS attacks has been presented, and techniques for defending these attacks in cloud computing have been discussed. A discussion on challenges and open issues in this area is also given. Finally, a conceptual model based on extreme learning machine has been proposed to defend these attacks.


2014, Vol 14 (3), pp. 71-85
Author(s):
N Jeyanthi, P. C. Mogankumar

Cloud is not exempted from the vulnerability of Distributed Denial of Service (DDoS) attack, a serious threat to any distributed network and has considerably less effective solutions to deploy in the network. This paper introduces a novel mechanism to protect and prevent the cloud from the spurious packets targeting the depletion of server resources. The army nodes called “Cloud DDoS Attack Protection” (CDAP) nodes are installed at the cloud server farm/Datacenter (DC). These army nodes act as a virtual firewall without destroying the Cloud Infrastructure and improve the availability of DC, even at the time of DDoS attack. By continuously monitoring the incoming packets, CDAP filters the attack packets intruding the Cloud DC. Availability is further improved by handing over the threat detection and attack mitigation to CDAP nodes and by redirecting the malicious user requests to the dump network. The simulation results prove that the introduction of CDAP nodes improves the availability and reduces the response time and the cost incurred.


The Software Defined Network (SDN) provides an innovative paradigm for networking, which improves the programmability and flexibility of the network. Due to the separation between the control and data plane, all the control logic transfers to the controller. In SDN, the controller provides a global view of the whole network. That is why it acts as the “Network Brain” of the network, because the controller has the capability to configure or reconfigure the forwarding devices by customizing their policies in a dynamic manner. Thus, the controller provides a centralized logical view of the entire network. Therefore, all manipulation and implementation in the network are controlled by the single controller in the SDN, which increases the maximum chance of a single point of failure (SPOF) in the network. As a consequence, it collapses the entire network. Therefore, a fault tolerance mechanism is required which reduces single point of failure in the network by using multiple controllers. As a significance, this mechanism also increases the scalability, reliability, and high availability of services in the network. Three different roles of multiple controllers, equal, master and slave, exist in the SDN. In the simulation, the Ryu SDN controller and Mininet tool are utilized. The simulation analyzes what happens when a single point of failure (SPOF) occurs in the network and how to use the different roles of the multiple controllers (such as equal, master and slave), which reduces the threat of single point of failure in the SDN network.


2019, Vol 20 (2), pp. 285-298
Author(s):
A. Dhanapal, P. Nithyanandam

Cloud computing became popular due to its nature, as it provides the flexibility to add or remove resources on an on-demand basis. This also reduces the cost of investments for the enterprises significantly. The adoption of cloud computing is very high for enterprises running their online applications. The availability of online services is critical for businesses like financial services, e-commerce applications, etc. Though cloud provides availability, these applications still face potential threats of going down due to the slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. The slow HTTP attack's intention is to consume all the available server resources and make them unavailable to the real users. The slow HTTP DDoS attack comes in different formats such as slow HTTP headers attacks, slow HTTP body attacks and slow HTTP read attacks. Detecting the slow HTTP DDoS attacks in the cloud is very crucial to safeguard online cloud applications. This is a very interesting and challenging topic in DDoS as it mimics the slow network. This paper proposed a novel method to detect slow HTTP DDoS attacks in the cloud. The solution is implemented using the OpenStack cloud platform. The experiments conducted exhibit accurate results on detecting the attacks at the early stages. The slowHTTPTest open source tool is used in this experiment to originate slow HTTP DDoS attacks.


A computing model in which the computing resources such as hardware, software and data are provided as a service via web browser or light-weight desktop machine on the internet is termed as Cloud computing. This computing model demolishes the requirement of keeping the resources of computer locally, hence reducing the cost of worthy resources (Llorente, Montero & Moreno, 2012). A typical cloud is affected by various security concerns such as Temporary Denial of Service (TDOS) attacks, hijacking session issues, flashing attacks and theft of user identity. The motto of this study is to overcome the research gap between the cloud security constraints and the existing security danger. An investigation into the present cloud service models, presently applied security measures, security standards and their level of flawless shielding has been done. This thematic study helped in disclosing various security issues and their counter measures whereas the empirical study facilitated in acknowledgement of the botherings of users and security analysts in regards to those solution strategy. The empirical methods used in this research were interviews and questionnaires to justify the theoretical findings and to gain the originality of practitioners dealing with cloud security.

