An intelligent software defined networking controller component to detect and mitigate denial of service attacks
Despite many advantages of software defined networking (SDN) such as manageability, scalability, and performance, it has inherent security threats. In particular, denial of service (DoS) attacks are major threats to SDN. The controller processing and communication abilities are overwhelmed by DoS at...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Universiti Utara Malaysia Press
2021
|
| Subjects: | |
| Online Access: | https://repo.uum.edu.my/id/eprint/28788/1/JICT%2020%2001%202021%2057-81.pdf https://repo.uum.edu.my/id/eprint/28788/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.uum.repo.28788 |
|---|---|
| record_format |
eprints |
| spelling |
my.uum.repo.287882022-08-07T02:54:47Z https://repo.uum.edu.my/id/eprint/28788/ An intelligent software defined networking controller component to detect and mitigate denial of service attacks Polat, Onur Polat, Huseyin TK Electrical engineering. Electronics Nuclear engineering Despite many advantages of software defined networking (SDN) such as manageability, scalability, and performance, it has inherent security threats. In particular, denial of service (DoS) attacks are major threats to SDN. The controller processing and communication abilities are overwhelmed by DoS attacks. The capacity of the flow tables in the switching device is exhausted due to excess flows created by the controller because of malicious packets. DoS attacks on the controller cause the network performance to drop to a critical level. In this paper, a new SDN controller component was proposed to detect and mitigate DoS attacks in the SDN controller. POX layer three controller component was used for underlying a testbed for PacketIn messages. Any packet from the host was incremented to measure the rate of packet according to its device identification and its input port number. Considering the rate of packets received by the controller and threshold set, malicious packets could be detected and mitigated easily. A developed controller component was tested in a Mininet simulation environment with an hping3 tool to build artificial DoS attacks. Using the enhanced controller component, DoS packets were prevented from accessing the controller and thus, the data plane (switching devices) was prevented from being filled with unwanted flows. Universiti Utara Malaysia Press 2021 Article PeerReviewed application/pdf en https://repo.uum.edu.my/id/eprint/28788/1/JICT%2020%2001%202021%2057-81.pdf Polat, Onur and Polat, Huseyin (2021) An intelligent software defined networking controller component to detect and mitigate denial of service attacks. Journal of Information and Communication Technology, 20 (01). pp. 57-81. ISSN 2180-3862 |
| institution |
Universiti Utara Malaysia |
| building |
UUM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Utara Malaysia |
| content_source |
UUM Institutional Repository |
| url_provider |
http://repo.uum.edu.my/ |
| language |
English |
| topic |
TK Electrical engineering. Electronics Nuclear engineering |
| spellingShingle |
TK Electrical engineering. Electronics Nuclear engineering Polat, Onur Polat, Huseyin An intelligent software defined networking controller component to detect and mitigate denial of service attacks |
| description |
Despite many advantages of software defined networking (SDN) such as manageability, scalability, and performance, it has inherent security threats. In particular, denial of service (DoS) attacks are major threats to SDN. The controller processing and communication abilities are overwhelmed by DoS attacks. The capacity of the flow tables in the switching device is exhausted due to excess flows created by the controller because of malicious packets. DoS attacks on the controller cause the network performance to drop to a critical level. In this paper, a new SDN controller component was proposed to detect and mitigate DoS attacks in the SDN controller. POX layer three controller component was used for underlying a testbed for PacketIn messages. Any
packet from the host was incremented to measure the rate of packet according to its device identification and its input port number. Considering the rate of packets received by the controller and threshold set, malicious packets could be detected and mitigated easily. A developed controller component was tested in a Mininet simulation environment with an hping3 tool to build artificial DoS attacks. Using the enhanced controller component, DoS packets were prevented from accessing the controller and thus, the data plane (switching devices) was prevented from being filled with unwanted flows. |
| format |
Article |
| author |
Polat, Onur Polat, Huseyin |
| author_facet |
Polat, Onur Polat, Huseyin |
| author_sort |
Polat, Onur |
| title |
An intelligent software defined networking controller component to detect and mitigate denial of service attacks |
| title_short |
An intelligent software defined networking controller component to detect and mitigate denial of service attacks |
| title_full |
An intelligent software defined networking controller component to detect and mitigate denial of service attacks |
| title_fullStr |
An intelligent software defined networking controller component to detect and mitigate denial of service attacks |
| title_full_unstemmed |
An intelligent software defined networking controller component to detect and mitigate denial of service attacks |
| title_sort |
intelligent software defined networking controller component to detect and mitigate denial of service attacks |
| publisher |
Universiti Utara Malaysia Press |
| publishDate |
2021 |
| url |
https://repo.uum.edu.my/id/eprint/28788/1/JICT%2020%2001%202021%2057-81.pdf https://repo.uum.edu.my/id/eprint/28788/ |
| _version_ |
1740828601501089792 |
| score |
13.18916 |