Skip to main content
SpringerLink
Log in

Collaborative Detection and Mitigation of Distributed Denial-of-Service Attacks on Software-Defined Network

  • Published:
Mobile Networks and Applications Aims and scope Submit manuscript

Abstract

This paper presents a collaborative technique to detect and mitigate Distributed Denial-of-Service (DDoS) flooding attacks on Software-Defined Network (SDN). This technique integrates sflow-RT application and Snort rules for the detection of DDoS traffic flows in an SDN controller. Redis Simple Message Queue (RSMQ) acts as a mechanism to share DDoS detection and mitigation rules among multiple Ryus SDN controllers. The rule-sharing allows a reduction of the controller’s overhead for processing DDoS detection and mitigation. The experimental results show that using the RSMQ mechanism can significantly detect and prevent DDoS attacks detection across multi-controller domains. It also provides early detection and mitigation of DDoS at lower controller overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Figure 3.
Fig. 4
Figure 5.
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

References

  1. Yan Q, Yu FR (2015). Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Communications Magazine 53(4):52–9

  2. Yao Z, Yan Z (2016). Security in software-defined-networking: A survey. In: International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage. Springer, Cham pp 319–332

  3. Rodrigues B, Bocek T, Lareida A, Hausheer D, Rafati S, Stiller B (2017). A blockchain-based architecture for collaborative DDoS mitigation with smart contracts. In: IFIP International Conference on Autonomous Infrastructure, Management and Security. Springer, Cham pp 16–29

  4. 4. François J, Aib I, Boutaba R (2012). FireCol: a collaborative protection network for the detection of flooding DDoS attacks. IEEE/ACM Trans Networking 20(6):1828–41

  5. Mubarakali A, Alqahtani AS (2019). A Survey: Security Threats and Countermeasures in Software Defined Networking. In: 2nd International Conference on Information and Computer Technologies (ICICT). IEEE pp 180–185

  6. Dayal N, Srivastava S (2017). Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN. In: 9th International Conference on Communication Systems and Networks (COMSNETS). IEEE pp 274–281

  7. Srinivasan K, Mubarakali A, Alqahtani AS, Kumar AD (2019). A Survey on the Impact of DDoS Attacks in Cloud Computing: Prevention, Detection and Mitigation Techniques. In: Intelligent Communication Technologies and Virtual Mobile Networks. Springer, Cham pp 252–270

  8. Conti M, Gangwal A, Gaur MS (2017). A comprehensive and effective mechanism for DDoS detection in SDN. In: 2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). IEEE pp 1–8

  9. Bawany NZ, Shamsi JA, Salah K (2017). DDoS attack detection and mitigation using SDN: methods, practices, and solutions. Arab J Sci Eng 42(2):425–41

  10. Xing T, Huang D, Xu L, Chung CJ, Khatkar P (2013). Snortflow: A OpenFlow-based intrusion prevention system in cloud environment. In: 2nd GENI research and educational experiment workshop. IEEE pp 89–92

  11. Chung CJ, Khatkar P, Xing T, Lee J, Huang D (2013). NICE: Network intrusion detection and countermeasure selection in virtual network systems. IEEE Transactions on Dependable and Secure Computing 10(4):198–211

  12. Mousavi SM, St-Hilaire M (2018). Early detection of DDoS attacks against software defined network controllers. J Netw Syst Manag 26(3):573–91

  13. Kokila RT, Selvi ST, Govindarajan K (2014). DDoS detection and analysis in SDN-based environment using support vector machine classifier. In: Sixth International Conference on Advanced Computing (ICoAC). IEEE pp 205–210

  14. Nanda S, Zafari F, DeCusatis C, Wedaa E, Yang B (2016). Predicting network attack patterns in SDN using machine learning approach. In: Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). IEEE pp 167–172

  15. Afaq M, Rehman S, Song WC (2015). Large flows detection, marking, and mitigation based on sFlow standard in SDN. Journal of Korea Multimedia Society 18(2):189–98

  16. Baucke S, Mestery K, Shaikh A, Wright C (2013). Opendaylight: An open source SDN for your openstack cloud. In: An Open-Stack Summit, Hong Kong

  17. Goransson P, Black C, Culver T (2016). Software defined networks: a comprehensive approach. Morgan Kaufmann

  18. Von Ahn L, Blum M, Hopper NJ, Langford J (2003). CAPTCHA: Using hard AI problems for security. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg pp 294–311

  19. Piedrahita AF, Rueda S, Mattos DM, Duarte OC (2015). FlowFence: a denial of service defense system for software defined networking. In: Global Information Infrastructure and Networking Symposium (GIIS). IEEE pp 1–6

  20. Chen Z, Han F, Cao J, Jiang X, Chen S (2013). Cloud computing-based forensic analysis for collaborative network security management system. Tsinghua Sci Technol 18(1):40–50

  21. Hameed S, Khan HA (2017). Leveraging SDN for collaborative DDoS mitigation. In: International Conference on Networked Systems (NetSys). IEEE pp 1–6

  22. Macedo R, de Castro R, Santos A, Ghamri-Doudane Y, Nogueira M (2016). Self-organized SDN controller cluster conformations against DDoS attacks effects. In: Global Communications Conference (GLOBECOM). IEEE pp 1–6

  23. Rashidi B, Fung C. CoFence (2016): A collaborative DDoS defence using network function virtualization. In: 12th International Conference on Network and Service Management (CNSM). IEEE pp 160–166

  24. Muqaddas AS, Bianco A, Giaccone P, Maier G (2016). Inter-controller traffic in ONOS clusters for SDN networks. In: International Conference on Communications (ICC). IEEE pp 1–6

  25. Yang X, Han B, Sun Z, Huang J (2017). SDN-based DDoS attack detection with cross-plane collaboration and lightweight flow monitoring. In: Global Communications Conference (GLOBECOM). IEEE pp 1–6

  26. https://redis.io/topics/pubsub

Download references

Acknowledgements

The authors would like to thank Universiti Teknologi Malaysia, Johor Bahru, Johor, Malaysia for support this research.

Author information

Authors and Affiliations

  1. School of Electrical Engineering, Faculty of Engineering, Universiti Teknologi Malaysia, 81310, Johor Bahru, Johor, Malaysia

    Omer Elsier Tayfour & Muhammad Nadzir Marsono

Authors
  1. Omer Elsier Tayfour
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Muhammad Nadzir Marsono
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Muhammad Nadzir Marsono.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Tayfour, O.E., Marsono, M.N. Collaborative Detection and Mitigation of Distributed Denial-of-Service Attacks on Software-Defined Network. Mobile Netw Appl 25, 1338–1347 (2020). https://doi.org/10.1007/s11036-020-01552-0

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11036-020-01552-0

Keywords

Search

Navigation