UPM Institutional Repository

Early detection and mitigation of DDoS attacks in software defined networks


Citation

Al-Saadi, Mustafa Yahya Zakariya (2018) Early detection and mitigation of DDoS attacks in software defined networks. Masters thesis, Universiti Putra Malaysia.

Abstract

One of the security challenges in Software Defined Networking (SDN) is Distributed Denial of Service (DDoS) attacks that overwhelm the controller and consume its resources, making it unreachable and affecting connectivity throughout the entire network. To detect and mitigate this attack at its early stages, an entropy-based DDoS attack detection and mitigation algorithm was proposed. The algorithm was written in the Python programming language to be implemented on a POX controller. To find the proper detection threshold, a series of tests on different scenarios of normal and attack traffic were conducted. If the entropy of the destination IP address falls below the threshold and continues to do so for five consecutive times, it is declared as an attack. The algorithm was then tested with an attack on one host and on a subnet of six hosts, with attack rates of 25%, 50% and 75% for the first case and 50% and 75% for the subnet case. The attack was detected successfully without false negative alarms since the threshold was carefully chosen. The next step was to test the mitigation algorithm: the same attack scenarios were repeated and the entropy change after the mitigation was observed. The entropy increased and came close to the normal traffic entropy. The proposed method in this project was able to detect and mitigate the attack effectively in its early stages, before the intensity escalates to a degree that exhausts the controller. The algorithm was kept minimal in lines of code to make it lightweight, and it made use of the controller's functionality without adding extra computational burden on the controller.
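The detection rule described in the abstract, as an added example that is not the thesis code: Shannon entropy of destination IPs is computed per fixed-size window, and an alarm is raised only after five consecutive windows fall below the threshold. The window size, the threshold value, the sample traffic and the reporting of the most frequent destination are assumptions made for illustration; the example runs stand-alone rather than inside POX.

```python
import math
from collections import Counter

WINDOW = 50       # packets per entropy window (assumed; not stated on the page)
THRESHOLD = 2.0   # entropy threshold in bits (assumed; the thesis tunes its own by testing)
CONSECUTIVE = 5   # low-entropy windows needed before declaring an attack (from the abstract)

def shannon_entropy(dst_ips):
    """Shannon entropy, in bits, of the destination-IP distribution in one window."""
    n = len(dst_ips)
    return -sum((c / n) * math.log2(c / n) for c in Counter(dst_ips).values())

def detect(dst_ips, window=WINDOW, threshold=THRESHOLD, consecutive=CONSECUTIVE):
    """Return (alarm_window_index, top_destination, entropies); index is None if no alarm."""
    low_run, entropies = 0, []
    for start in range(0, len(dst_ips) - window + 1, window):
        chunk = dst_ips[start:start + window]
        h = shannon_entropy(chunk)
        entropies.append(h)
        # A single window above the threshold resets the run, so short dips do not alarm.
        low_run = low_run + 1 if h < threshold else 0
        if low_run >= consecutive:
            # Reporting the most frequent destination is an added convenience,
            # not something the abstract describes.
            top = Counter(chunk).most_common(1)[0][0]
            return len(entropies) - 1, top, entropies
    return None, None, entropies

# Constructed sample traffic: eight hosts, destinations only.
HOSTS = ["10.0.0.%d" % i for i in range(1, 9)]
VICTIM = "10.0.0.5"
# Normal traffic: destinations spread evenly, entropy close to log2(8) = 3 bits.
NORMAL = [HOSTS[j % 8] for j in range(500)]
# Attack traffic: three of every four packets go to one host (75% attack rate).
ATTACK = [VICTIM if j % 4 else HOSTS[(j // 4) % 8] for j in range(500)]

if __name__ == "__main__":
    idx, top, ent = detect(NORMAL + ATTACK)
    for i, h in enumerate(ent):
        print("window %2d  entropy %.3f%s" % (i, h, "  <-- alarm" if i == idx else ""))
    print("alarm window:", idx, "top destination:", top)
```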


Additional Metadata

Item Type: Thesis (Masters)
Subject: Software-defined networking (Computer network technology)
Subject: Denial of service attacks
Call Number: FSKTM 2018 26
Chairman Supervisor: Pn. Hjh Zaiton Muda
Divisions: Faculty of Computer Science and Information Technology
Depositing User: Mas Norain Hashim
Date Deposited: 01 Mar 2022 02:26
Last Modified: 01 Mar 2022 02:26
URI: http://psasir.upm.edu.my/id/eprint/91946