Real-time denial of service attack detection and mitigation on controller in software defined network environment / Bilal Ishfaq
Software Defined Network (SDN) decouples the control plane from the data plane to provide logically centralized control of the network. The control plane is considered as a brain of the network that controls the entire network. Due to such a unique feature, the control plane becomes the central poin...
| Main Author: | |
|---|---|
| Format: | Thesis |
| Published: |
2016
|
| Subjects: | |
| Online Access: | http://studentsrepo.um.edu.my/14256/ http://studentsrepo.um.edu.my/14256/1/Bilal_Isfaq.pdf http://studentsrepo.um.edu.my/14256/2/Bilal_Ishfaq.pdf |
| Summary: | Software Defined Network (SDN) decouples the control plane from the data plane to provide logically centralized control of the network. The control plane is considered as a brain of the network that controls the entire network. Due to such a unique feature, the control plane becomes the central point of attraction to different adversaries in SDN. If the controller is malfunctioned by the attacker than the whole operation of the SDN will be affected. The DoS attack is one of the attacks which affect the controller in the control plane in terms of network and computational resources. In this work, the focus is on the computational aspect of the controller and proposed a solution which assists to detect the attack at its early occurrence. The limitations in early proposed methods, such as early detection of DDoS attack and time-based DDoS attack detection methods, only detect the attack at controller, however it does not provide any information about its solution, such as how to handle these attacks. The objective of this study is to protect the SDN controller from DoS attack that will prevent the controller from being unreachable. The proposed technique not only detects any DoS attacks but also mitigate in real-time. This proposed technique is a lightweight solution which consumes less controller resources in detecting and mitigating the DoS attack. The DoS policy of the attack is implemented which blocks the traffic coming from the malicious node in SDN.
|
|---|