DAISY: A Detection and Mitigation System Against Denial-of-Service Attacks in Software-Defined Networks

Software-defined networking (SDN) is becoming more and more popular due to its key features like scalability, flexibility, and monitoring. SDN simplifies the network management and enables innovations in the network architecture and protocols. However, this flexible architecture also makes it vulnerable to different types of attacks, such as flooding, spoofing, and denial-of-service (DoS). Among these attacks, the DoS attack has the most severe impact as it can overwhelm the major components of SDN to degrade its performance. In this paper, we propose a simple and lightweight detection and mitigation system (DAISY) to secure SDN from DoS attacks by blocking malicious traffic from the attacker, after analyzing the collected statistics. The proposed system specifically blocks malicious traffic rather than blocking the whole port or a host. In addition, it unblocks a port or a host when there is no more malicious traffic originating from it. We evaluate our proposed system by comparing it with other approaches, and the simulation results show increased performance of SDN with DAISY in terms of CPU usage, response time, control channel bandwidth, packet delivery ratio, and flow requests sent to the controller.