Performance Analysis of DDoS Attack on SDN and Proposal of Cracking Agorithm

The software-defined network (SDN) emerges as an updated technology that changes the scenario of networking where the network is managed by means of software. Any network is always not secure, and hence, the research in terms of securing this network is an area of research. DDoS is one of the attacks that makes a network insecure. This paper proposes the impact in terms of performance of SDN networks due to DDoS attack and proposes a new algorithm for increasing the performance of network. The proposed algorithm prevents the DDoS attack at the application level of flooding by keeping track of IP addresses and thus improves the performance of the network by preventing from DDoS attacks.

Download Full-text

Mitigation of DDoS attack instigated by compromised switches on SDN controller by analyzing the flow rule request traffic

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.6.10065 ◽

2018 ◽

Vol 7 (2.6) ◽

pp. 46 ◽

Cited By ~ 2

Author(s):

Sanjeetha R ◽

Shikhar Srivastava ◽

Rishab Pokharna ◽

Syed Shafiq ◽

Dr Anita Kanavalli

Keyword(s):

Network Architecture ◽

Flow Rule ◽

Software Defined Network ◽

Ddos Attacks ◽

Control Plane ◽

Ddos Attack ◽

Flow Table ◽

Data Plane ◽

Ddos Detection ◽

Sdn Controller

Software Defined Network (SDN) is a new network architecture which separates the data plane from the control plane. The SDN controller implements the control plane and switches implement the data plane. Many papers discuss about DDoS attacks on primary servers present in SDN and how they can be mitigated with the help of controller. In our paper we show how DDoS attack can be instigated on the SDN controller by manipulating the flow table entries of switches, such that they send continuous requests to the controller and exhaust its resources. This is a new, but one of the possible way in which a DDoS attack can be performed on controller. We show the vulnerability of SDN for this kind of attack. We further propose a solution for mitigating it, by running a DDoS Detection module which uses variation of flow entry request traffic from all switches in the network to identify compromised switches and blocks them completely.

Download Full-text

Detection and Prevention Algorithm of DDoS Attack Over the IOT Networks

TEM Journal ◽

10.18421/tem93-09 ◽

2020 ◽

pp. 899-906

Keyword(s):

Denial Of Service ◽

The Other ◽

High Rate ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Huge Number ◽

Security Issues ◽

Ddos Attack ◽

Legitimate User ◽

The Impact

One of the most notorious security issues in the IoT is the Distributed Denial of Service (DDoS) attack. Using a large number of agents, DDoS attack floods the host server with a huge number of requests causing interrupting and blocking the legitimate user requests. This paper proposes a detection and prevention algorithm for DDoS attacks. It is divided into two parts, one for detecting the DDoS attack in the IoT end devices and the other for mitigating the impact of the attack placed on the border router. Also, it has the ability to differentiate the High-rate from the Lowrate DDoS attack accurately and defend against these two types of attacks. It is implemented and tested against different scenarios to dissect their efficiency in detecting and mitigating the DDoS attack.

Download Full-text

Controlled DDoS Attack on IPv4/IPv6 Network Using Distributed Computing Infrastructure

Journal of information and organizational sciences ◽

10.31341/jios.44.2.6 ◽

2020 ◽

Vol 44 (2) ◽

pp. 297-316

Author(s):

Michal Čerňanský ◽

Ladislav Huraj ◽

Marek Šimon

Keyword(s):

Experimental Results ◽

Ddos Attacks ◽

Test Environment ◽

Ddos Attack ◽

Simple Tool ◽

Ipv6 Network ◽

Experimental Testbed ◽

Ipv6 Networks ◽

The Impact

The paper focuses on design, background and experimental results of real environment of DDoS attacks. The experimental testbed is based on employment of a tool for IT automation to perform DDoS attacks under monitoring. DDoS attacks are still serious threat in both IPv4 and IPv6 networks and creation of simple tool to test the network for DDoS attack and to allow evaluation of vulnerabilities and DDoS countermeasures of the networks is necessary. In proposed testbed, Ansible orchestration tool is employed to perform and coordinate DDoS attacks. Ansible is a powerful tool and simplifies the implementation of the test environment. Moreover, no special hardware is required for the attacks execution, the testbed uses existing infrastructure in an organization. The case study of implementation of this environment shows straightforwardness to create a testbed comparable with a botnet with ten thousand bots. Furthermore, the experimental results demonstrate the potential of the proposed environment and present the impact of the attacks on particular target servers in IPv4 and IPv6 networks.

Download Full-text

Software Defined Network : The Comparison of SVM kernel on DDoS Detection

RSF Conference Series: Engineering and Technology ◽

10.31098/cset.v1i1.413 ◽

2021 ◽

Vol 1 (1) ◽

pp. 281-290

Author(s):

Rifki Indra Perwira ◽

Hari Prapcoyo

Keyword(s):

Network Security ◽

New Technology ◽

Training Data ◽

Software Defined Network ◽

Data Traffic ◽

Ddos Attacks ◽

Ddos Attack ◽

Ddos Detection ◽

The Difference ◽

The Brain

SDN is a new technology in the concept of a network where there is a separation between the data plane and the control plane as the brain that regulates data forwarding so that it becomes a target for DDoS attacks. Detection of DDoS attacks is an important topic in the field of network security. because of the difficulty of detecting the difference between normal traffic and anomalous attacks. Based on data from helpnetsecurity.com, in 2020 there were 4.83 million attempted DoS/DDoS attacks on various services, this shows that network security is very important. Various methods have been used in detecting DDoS attacks such as using a threshold on passing network traffic with an average traffic size compared to 3 times the standard deviation, the weakness of this method is if there is a spike in traffic it will be detected as an attack even though the traffic is normal so that it increases false positives. To maintain security on the SDN network, the reason is that a system is needed that can detect DDoS attacks anomalously by taking advantage of the habits that appear on the system and assuming that if there are deviations from the habits that appear then it is declared a DDoS attack, the SVM method is used to categorize the data traffic obtained from the controller to detect whether it is a DDoS attack or not. Based on the tests conducted with 500 training data, the accuracy is 99,2%. The conclusion of this paper is that the RBF SVM kernel can be very good at detecting anomalous DDoS attacks.

Download Full-text

Present Status of Distributed Denial of Service (DDoS) Attacks in Internet World

International Journal of Mathematical Engineering and Management Sciences ◽

10.33889/ijmems.2019.4.4-080 ◽

2019 ◽

Vol 4 (4) ◽

pp. 1008-1017

Author(s):

Rajeev Singh ◽

T. P. Sharma

Keyword(s):

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

5G Networks ◽

Dos Attack ◽

Ddos Attack ◽

Digital World ◽

Iot Devices ◽

The Impact ◽

Day By Day

Distributed Denial of Service (DDoS) attack harms the digital availability in Internet. The user’s perspective of getting quick and effective services may be badly hit by the DDoS attackers. There are several reports of DDoS attack incidences that have caused devastating effects on the user and web services in the Internet world. In the present digital world dominated by wireless, mobile and IoT devices, the numbers of users are increasing day by day. Most of the users are novice and therefore their devices either fell prey to DDoS attacks or unknowingly add themselves to the DDoS attack Army. We soon will witness the 5G mobile revolution but there are reports that 5G networks are also falling prey to DDoS attacks and hence, the realization of DoS attack as a threat needs to be understood. The paper targets to assess the DDoS attack threat. It identifies the impact of attack and also reviews existing Indian laws.

Download Full-text

Detection of Adversarial DDoS Attacks Using Generative Adversarial Networks with Dual Discriminators

Symmetry ◽

10.3390/sym14010066 ◽

2022 ◽

Vol 14 (1) ◽

pp. 66

Author(s):

Chin-Shiuh Shieh ◽

Thanh-Tuan Nguyen ◽

Wan-Wei Lin ◽

Yong-Lin Huang ◽

Mong-Fong Horng ◽

...

Keyword(s):

Machine Learning ◽

Short Term Memory ◽

Denial Of Service ◽

Training Data ◽

Generative Adversarial Networks ◽

Ddos Attacks ◽

Ddos Attack ◽

Adversarial Networks ◽

Ddos Detection ◽

The Impact

DDoS (Distributed Denial of Service) has emerged as a serious and challenging threat to computer networks and information systems’ security and integrity. Before any remedial measures can be implemented, DDoS assaults must first be detected. DDoS attacks can be identified and characterized with satisfactory achievement employing ML (Machine Learning) and DL (Deep Learning). However, new varieties of aggression arise as the technology for DDoS attacks keep evolving. This research explores the impact of a new incarnation of DDoS attack–adversarial DDoS attack. There are established works on ML-based DDoS detection and GAN (Generative Adversarial Network) based adversarial DDoS synthesis. We confirm these findings in our experiments. Experiments in this study involve the extension and application of the GAN, a machine learning framework with symmetric form having two contending neural networks. We synthesize adversarial DDoS attacks utilizing Wasserstein Generative Adversarial Networks featuring Gradient Penalty (GP-WGAN). Experiment results indicate that the synthesized traffic can traverse the detection systems such as k-Nearest Neighbor (KNN), Multi-Layer Perceptron (MLP) and Random Forest (RF) without being identified. This observation is a sobering and pessimistic wake-up call, implying that countermeasures to adversarial DDoS attacks are urgently needed. To this problem, we propose a novel DDoS detection framework featuring GAN with Dual Discriminators (GANDD). The additional discriminator is designed to identify adversary DDoS traffic. The proposed GANDD can be an effective solution to adversarial DDoS attacks, as evidenced by the experimental results. We use adversarial DDoS traffic synthesized by GP-WGAN to train GANDD and validate it alongside three other DL technologies: DNN (Deep Neural Network), LSTM (Long Short-Term Memory) and GAN. GANDD outperformed the other DL models, demonstrating its protection with a TPR of 84.3%. A more sophisticated test was also conducted to examine GANDD’s ability to handle unseen adversarial attacks. GANDD was evaluated with adversarial traffic not generated from its training data. GANDD still proved effective with a TPR around 71.3% compared to 7.4% of LSTM.

Download Full-text

Impact of Defending Strategy Decision on DDoS Attack

Complexity ◽

10.1155/2021/6694383 ◽

2021 ◽

Vol 2021 ◽

pp. 1-11

Author(s):

Chunming Zhang

Keyword(s):

Denial Of Service ◽

Logistic Function ◽

Parameter Analysis ◽

Attack Behavior ◽

Strategy Selection ◽

Ddos Attacks ◽

Effective Strategies ◽

Ddos Attack ◽

Existence And Stability ◽

The Impact

Distributed denial-of-service (DDoS) attack is a serious threat to cybersecurity. Many strategies used to defend against DDoS attacks have been proposed recently. To study the impact of defense strategy selection on DDoS attack behavior, the current study uses logistic function as basis to propose a dynamic model of DDoS attacks with defending strategy decisions. Thereafter, the attacked threshold of this model is calculated. The existence and stability of attack-free and attacked equilibria are proved. Lastly, some effective strategies to mitigate DDoS attacks are suggested through parameter analysis.

Download Full-text

Evaluating the Impact of DDoS Attacks in Vehicular Ad-Hoc Networks

International Journal of Security and Privacy in Pervasive Computing ◽

10.4018/ijsppc.2020100101 ◽

2020 ◽

Vol 12 (4) ◽

pp. 1-18

Author(s):

Kaushik Adhikary ◽

Shashi Bhushan ◽

Sunil Kumar ◽

Kamlesh Dutta

Keyword(s):

Ad Hoc Networks ◽

Vehicular Ad Hoc Networks ◽

Ad Hoc ◽

Denial Of Service ◽

Experimental Results ◽

Ddos Attacks ◽

Dos Attacks ◽

Ddos Attack ◽

Hoc Networks ◽

The Impact

The presence of either malicious vehicles or inaccessibility of network services makes vehicular ad-hoc networks (VANETs) easy targets for denial of service (DoS) attacks. The sole purpose of DoS attacks is to prevent the intended users from accessing the available resources and services. When the DoS attack is carried out by multiple vehicles distributed throughout the network, it is referred as distributed DoS (DDoS) attack. A lot of works have been done by researchers in securing the vehicular communication against the DDoS attacks. In this paper, efforts have been made to simulate the DDoS attacks in VANETs as well as to study their impact on the performance of networks. The experimental results are presented using six important metrics, which are collision, jitter, delay, packet drop, ratio-in-out, and throughput. The experimental results show that the impact of distributed DoS (DDoS) attack on networks performance is very critical and must be addressed to ensure the smooth functioning of networks.

Download Full-text

Performance Analysis and Design Considerations of the Shallow Underwater Optical Wireless Communication System with Solar Noises Utilizing a Photon Tracing-Based Simulation Platform

Electronics ◽

10.3390/electronics10050632 ◽

2021 ◽

Vol 10 (5) ◽

pp. 632

Author(s):

Xiaozheng Wang ◽

Minglun Zhang ◽

Hongyu Zhou ◽

Xiaomin Ren

Keyword(s):

Performance Analysis ◽

Wireless Communication ◽

Ambient Noise ◽

Large Scale ◽

Delay Spread ◽

Simulation Platform ◽

Optical Wireless Communication ◽

Optical Wireless ◽

Analysis And Design ◽

The Impact

The performance of the underwater optical wireless communication (UOWC) system is highly affected by seawater´s inherent optical properties and the solar radiation from sunlight, especially for a shallow environment. The multipath effect and degradations in signal-to-noise ratio (SNR) due to absorption, scattering, and ambient noises can significantly limit the viable communication range, which poses key challenges to its large-scale commercial applications. To this end, this paper proposes a unified model for underwater channel characterization and system performance analysis in the presence of solar noises utilizing a photon tracing algorithm. Besides, we developed a generic simulation platform with configurable parameters and self-defined scenarios via MATLAB. Based on this platform, a comprehensive investigation of underwater channel impairments was conducted including temporal and spatial dispersion, illumination distribution pattern, and statistical attenuation with various oceanic types. The impact of ambient noise at different operation depths on the bit error rate (BER) performance of the shallow UOWC system was evaluated under typical specifications. Simulation results revealed that the multipath dispersion is tied closely to the multiple scattering phenomenon. The delay spread and ambient noise effect can be mitigated by considering a narrow field of view (FOV) and it also enables the system to exhibit optimal performance on combining with a wide aperture.

Download Full-text

Detection of Unknown DDoS Attacks with Deep Learning and Gaussian Mixture Model

Applied Sciences ◽

10.3390/app11115213 ◽

2021 ◽

Vol 11 (11) ◽

pp. 5213

Author(s):

Chin-Shiuh Shieh ◽

Wan-Wei Lin ◽

Thanh-Tuan Nguyen ◽

Chi-Hong Chen ◽

Mong-Fong Horng ◽

...

Keyword(s):

Deep Learning ◽

Gaussian Mixture Model ◽

Mixture Model ◽

Denial Of Service ◽

Gaussian Mixture ◽

Mitigation Measures ◽

Distribution Model ◽

Ddos Attacks ◽

Open Set ◽

The Impact

DDoS (Distributed Denial of Service) attacks have become a pressing threat to the security and integrity of computer networks and information systems, which are indispensable infrastructures of modern times. The detection of DDoS attacks is a challenging issue before any mitigation measures can be taken. ML/DL (Machine Learning/Deep Learning) has been applied to the detection of DDoS attacks with satisfactory achievement. However, full-scale success is still beyond reach due to an inherent problem with ML/DL-based systems—the so-called Open Set Recognition (OSR) problem. This is a problem where an ML/DL-based system fails to deal with new instances not drawn from the distribution model of the training data. This problem is particularly profound in detecting DDoS attacks since DDoS attacks’ technology keeps evolving and has changing traffic characteristics. This study investigates the impact of the OSR problem on the detection of DDoS attacks. In response to this problem, we propose a new DDoS detection framework featuring Bi-Directional Long Short-Term Memory (BI-LSTM), a Gaussian Mixture Model (GMM), and incremental learning. Unknown traffic captured by the GMM are subject to discrimination and labeling by traffic engineers, and then fed back to the framework as additional training samples. Using the data sets CIC-IDS2017 and CIC-DDoS2019 for training, testing, and evaluation, experiment results show that the proposed BI-LSTM-GMM can achieve recall, precision, and accuracy up to 94%. Experiments reveal that the proposed framework can be a promising solution to the detection of unknown DDoS attacks.

Download Full-text