Skip to main content
Springer Nature Link
Log in

Detection and Defense Against DDoS Attack on SDN Controller Based on Feature Selection

  • Conference paper
  • First Online:
Security and Privacy in Social Networks and Big Data (SocialSec 2022)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1663))

Abstract

Software-defined networking (SDN) can provide flexible traffic control and is an important part of the next-generation computer network. Distributed Denial of Service (DDoS) attack targeting the controller can seriously affect the performance of SDN. Although there are many schemes to detect and defend against this type of attack, the detection accuracy and efficiency of these schemes are severely limited due to the large scale and high dimension of traffic in SDN. According to the characteristics of SDN, this paper presents a new feature selection method to detect and defend against DDoS attacks targeting the controller. Firstly, Spearman’s rank correlation coefficient and Gini impurity were used to extract the optimal feature subset. Then the attack detection module will detect the DDoS attack. Finally, attack defense module is introduced to filter attack packets and protect controller computing resources. We used the NSL-KDD dataset for evaluation and comparison with other schemes. Experimental results show that our scheme can detect and defend against DDoS attacks accurately.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Lopes, F.A., Santos, M., Fidalgo, R.: A software engineering perspective on SDN programmability. IEEE Commun. Surv. Tutorials 18(2), 1255–1272 (2015)

    Article  Google Scholar 

  2. Sarmiento, D.E., Lebre, A., Nussbaum, L.: Decentralized SDN control plane for a distributed cloud-edge infrastructure: a survey. IEEE Commun. Surv. Tutorials 23, 256–281 (2021)

    Article  Google Scholar 

  3. Das, T., Sridharan, V., Gurusamy, M.: A survey on controller placement in SDN. IEEE Commun. Surv. Tutorials 22(1), 472–503 (2019)

    Article  Google Scholar 

  4. Yurekten, O., Demirci, M.: SDN-based cyber defense: a survey. Futur. Gener. Comput. Syst. 115, 126–149 (2021)

    Article  Google Scholar 

  5. Yan, Q., Yu, F.R., Gong, Q.: Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: a survey, some research issues, and challenges. IEEE Commun. Surv. Tutorials 18(1), 602–622 (2015)

    Article  Google Scholar 

  6. Abhishta, A., Heeswijk, W., Junger, M.: Why would we get attacked? An analysis of attacker’s aims behind DDoS attacks. J. Wirel. Mob. Netw. Ubiquit. Comput. Dependable Appl. 11(2), 3–22 (2020)

    Google Scholar 

  7. SaiSindhuTheja, R., Shyam, G.K.: An efficient metaheuristic algorithm based feature selection and recurrent neural network for DoS attack detection in cloud computing environment. Appl. Soft Comput. 100, 106997 (2021)

    Google Scholar 

  8. Xu, Y., Liu, Y.: DDoS attack detection under SDN context. In: IEEE INFOCOM 2016-The 35th Annual IEEE International Conference on Computer Communications, San Francisco, pp. 1–9. IEEE (2016)

    Google Scholar 

  9. Kumar, P., Tripathi, M., Nehra, A.: SAFETY: early detection and mitigation of TCP SYN flood utilizing entropy in SDN. IEEE Trans. Netw. Serv. Manag. 15(4), 1545–1559 (2018)

    Article  Google Scholar 

  10. Shin, S., Yegneswaran, V., Porras, P.: Avant-guard: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, Berlin, pp. 413–424. ACM (2013)

    Google Scholar 

  11. Sarvari, S., Sani, N.F.M., Hanapi, Z.M.: An efficient anomaly intrusion detection method with feature selection and evolutionary neural network. IEEE Access 8, 70651–70663 (2020)

    Article  Google Scholar 

  12. McKeown, N., Anderson, T., Balakrishnan, H.: OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput. Commun. Rev. 38(2), 69–74 (2008)

    Article  Google Scholar 

  13. Rawas, S.: Energy, network, and application-aware virtual machine placement model in SDN-enabled large scale cloud data centers. Multimed. Tools Appl. 80(10), 15541–15562 (2021). https://doi.org/10.1007/s11042-021-10616-6

    Article  Google Scholar 

  14. Medved, J., Varga, R., Tkacik, A.: OpenDaylight: towards a model-driven SDN controller architecture. In: Proceeding of IEEE International Symposium on a World of Wireless. Mobile and Multimedia Networks, Sydney, pp. 1–6. IEEE (2014)

    Google Scholar 

  15. Floodligh[EB/OL]. http://www.projectfloodlight.org/. Accessed 4 Oct 2021

  16. Dayal, N., Maity, P., Srivastava, S.: Research trends in security and DDoS in SDN. Secur. Commun. Netw. 9(18), 6386–6411 (2016)

    Article  Google Scholar 

  17. Hancer, E., Xue, B., Zhang, M.: A survey on feature selection approaches for clustering. Artif. Intell. Rev. 53(6), 4519–4545 (2020). https://doi.org/10.1007/s10462-019-09800-w

    Article  Google Scholar 

  18. Agrawal, P., Abutarboush, H.F., Ganesh, T.: Metaheuristic algorithms on feature selection: a survey of one decade of research (2009–2019). IEEE Access 9, 26766–26791 (2021)

    Article  Google Scholar 

  19. Qin, J., Zhang, X., Li, P.: Anomaly detection based on feature correlation and influence degree in SDN. In: 2020 International Conferences on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber. Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress on Cybermatics (Cybermatics), Rhodes Island, pp. 186–192. IEEE (2020)

    Google Scholar 

  20. Wei, G., Zhao, J., Feng, Y.: A novel hybrid feature selection method based on dynamic feature importance. Appl. Soft Comput. 93, 106337 (2020)

    Google Scholar 

  21. Kavitha, G., Elango, N.M.: An approach to feature selection in intrusion detection systems using machine learning algorithms. Int. J. e-Collaboration (IJeC) 16(4), 48–58 (2020)

    Article  Google Scholar 

  22. Jiang, L., Kong, G., Li, C.: Wrapper framework for test-cost-sensitive feature selection. IEEE Trans. Syst. Man Cybern.: Syst. 51(3), 1747–1756 (2019)

    Google Scholar 

  23. Wang, M., Lu, Y., Qin, J.: A dynamic MLP-based DDoS attack detection method using feature selection and feedback. Comput. Secur. 88, 101645 (2020)

    Google Scholar 

  24. Kasongo, S.M., Sun, Y.: A deep learning method with wrapper based feature extraction for wireless intrusion detection system. Comput. Secur. 92, 101752 (2020)

    Google Scholar 

  25. Sebbar, A., Karim, Z., Baadi, Y.: Using advanced detection and prevention technique to mitigate threats in SDN architecture. In: 2019 15th International Wireless Communications and Mobile Computing Conference (IWCMC), Morocco, pp. 90–95. IEEE (2019)

    Google Scholar 

  26. Kim, Y., Lau, W.C., Chuah, M.C.: PacketScore: statistics-based overload control against distributed denial-of-service attacks. In: IEEE INFOCOM 2004, Toronto, pp. 2594–2604. IEEE (2004)

    Google Scholar 

  27. NSL-KDD Data Set[EB/OL]. http://nsl.cs.unb.ca/NSL-KDD. Accessed 23 June 2021

  28. Mininet. http://mininet.org/. Accessed 20 Oct 2021

  29. Xu, Y., Ma, J., Zhong, S.: Detection and defense against DDoS attack on SDN controller based on spatiotemporal feature. In: Yu, S., Mueller, P., Qian, J. (eds.) SPDE 2020. CCIS, vol. 1268, pp. 3–18. Springer, Singapore (2020). https://doi.org/10.1007/978-981-15-9129-7_1

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, Anhui University, Hefei, China

    Yan Xu, Yongming Liu & JinXing Ma

Authors
  1. Yan Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yongming Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. JinXing Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yan Xu .

Editor information

Editors and Affiliations

  1. Xidian University, Xi’an, China

    Xiaofeng Chen

  2. Fujian Normal University, Fuzhou, China

    Xinyi Huang

  3. Wrocław University of Science and Technology, Wrocław, Poland

    Mirosław Kutyłowski

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Xu, Y., Liu, Y., Ma, J. (2022). Detection and Defense Against DDoS Attack on SDN Controller Based on Feature Selection. In: Chen, X., Huang, X., Kutyłowski, M. (eds) Security and Privacy in Social Networks and Big Data. SocialSec 2022. Communications in Computer and Information Science, vol 1663. Springer, Singapore. https://doi.org/10.1007/978-981-19-7242-3_16

Download citation

  • DOI: https://doi.org/10.1007/978-981-19-7242-3_16

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-19-7241-6

  • Online ISBN: 978-981-19-7242-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics