Journal
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE
Volume 89, Issue -, Pages 685-697Publisher
ELSEVIER
DOI: 10.1016/j.future.2018.07.017
Keywords
SDN; Controller; DDoS attack; Information distance; Generalized entropy
Categories
Ask authors/readers for more resources
The primary innovations behind Software Defined Networks (SDN) are the decoupling of the control plane from the data plane and centralizing the network management through a specialized application running on the controller. In spite of many advantages, SDN based data centers' security issues is still a matter of concern among the research communities. Although SDN becomes a valuable tool to defeat attackers, at the same time SDN itself becomes a victim of Distributed Denial-of-Service (DDoS) attacks due to the potential vulnerabilities exist across various SDN layer. The logically centralized controller is always an attractive target for DDoS attack. Hence, it is important to have a fast as well as accurate detection model to detect the control layer attack traffic at an early stage. We have employed information distance (ID) as a metric to detect the attack traffic at the controller. The ID metric can quantify the deviations of network traffic with different probability distributions. In this paper, taking the advantages of flow based nature of SDN, we proposed a Generalized Entropy (GE) based metric to detect the low rate DDoS attack to the control layer. The experimental results show that our detection mechanism improves the detection accuracy as compared to Shannon entropy and other statistical information distance metrics. (C) 2018 Published by Elsevier B.V.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available