DeMi: A Solution to Detect and Mitigate DoS Attacks in SDN
<p dir="ltr">Software-defined networking (SDN) is becoming more and more popular due to its key features of scalability and flexibility, simplifying network management and enabling innovations in the network architecture and protocols. In SDNs, the most crucial part is the controller...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Published: |
2023
|
| Subjects: | |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1864513527476125696 |
|---|---|
| author | Lubna Fayez Eliyan (17949290) |
| author2 | Roberto Di Pietro (16875987) |
| author2_role | author |
| author_facet | Lubna Fayez Eliyan (17949290) Roberto Di Pietro (16875987) |
| author_role | author |
| dc.creator.none.fl_str_mv | Lubna Fayez Eliyan (17949290) Roberto Di Pietro (16875987) |
| dc.date.none.fl_str_mv | 2023-08-04T12:00:00Z |
| dc.identifier.none.fl_str_mv | 10.1109/access.2023.3301994 |
| dc.relation.none.fl_str_mv | https://figshare.com/articles/journal_contribution/DeMi_A_Solution_to_Detect_and_Mitigate_DoS_Attacks_in_SDN/25205288 |
| dc.rights.none.fl_str_mv | CC BY 4.0 info:eu-repo/semantics/openAccess |
| dc.subject.none.fl_str_mv | Engineering Electrical engineering Electronics, sensors and digital hardware Materials engineering Entropy Control systems IP networks Feature extraction Proof of Work Electronic mail Behavioral sciences SDN DoS DDoS security detection mitigation load balancing |
| dc.title.none.fl_str_mv | DeMi: A Solution to Detect and Mitigate DoS Attacks in SDN |
| dc.type.none.fl_str_mv | Text Journal contribution info:eu-repo/semantics/publishedVersion text contribution to journal |
| description | <p dir="ltr">Software-defined networking (SDN) is becoming more and more popular due to its key features of scalability and flexibility, simplifying network management and enabling innovations in the network architecture and protocols. In SDNs, the most crucial part is the controller, tasked with managing the entire network and configuring routes. Given its critical role, a failure or problem occurring at the controller may degrade and even collapse the entire SDN. A typical threat controllers are subject to is a Denial of Service (DoS) attack. To cope with the above-introduced threat, in this paper we propose a lightweight DoS attack detection and mitigation method (DeMi) as well as a heavy-load management module. The proposed solution for detection leverages a sample entropy approach coupled with an adaptive dynamic threshold considering an exponentially weighted moving average (EWMA); the mitigation approach is based on proof of work (PoW) combined with flow rule installations; and, the heavy-load management method implements a scheduling approach at the SDN controller. Results are staggering: for instance, when DeMi is deployed, in an attack scenario the number of exchanged control packets is roughly similar to the attack-free scenario—without DeMi, the number of control packets in the network is 2,7 times more than what experienced in an attack-free setting. As per the number of re-transmitted packets, again, DeMi is able to achieve a re-transmission rate similar to an attack-free scenario—without DeMi the of packets that need to be re-transmitted is roughly 3,7 times the number of packets re-transmission occurring in an attack-free scenario. Moreover, DeMi does not block legitimate traffic, contrary to other solutions in the literature. The novelty of the approach, the demonstrated complete end-to-end solution, and the quality of the achieved experimental results, other than being interesting on their own, do pave the way for further research in this field.</p><h2>Other Information</h2><p dir="ltr">Published in: IEEE Access<br>License: <a href="http://creativecommons.org/licenses/by/4.0" target="_blank">http://creativecommons.org/licenses/by/4.0</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.1109/access.2023.3301994" target="_blank">https://dx.doi.org/10.1109/access.2023.3301994</a></p> |
| eu_rights_str_mv | openAccess |
| id | Manara2_aa9b780c5467c4ae0cebb4001df6fa13 |
| identifier_str_mv | 10.1109/access.2023.3301994 |
| network_acronym_str | Manara2 |
| network_name_str | Manara2 |
| oai_identifier_str | oai:figshare.com:article/25205288 |
| publishDate | 2023 |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| rights_invalid_str_mv | CC BY 4.0 |
| spelling | DeMi: A Solution to Detect and Mitigate DoS Attacks in SDNLubna Fayez Eliyan (17949290)Roberto Di Pietro (16875987)EngineeringElectrical engineeringElectronics, sensors and digital hardwareMaterials engineeringEntropyControl systemsIP networksFeature extractionProof of WorkElectronic mailBehavioral sciencesSDNDoSDDoSsecuritydetectionmitigationload balancing<p dir="ltr">Software-defined networking (SDN) is becoming more and more popular due to its key features of scalability and flexibility, simplifying network management and enabling innovations in the network architecture and protocols. In SDNs, the most crucial part is the controller, tasked with managing the entire network and configuring routes. Given its critical role, a failure or problem occurring at the controller may degrade and even collapse the entire SDN. A typical threat controllers are subject to is a Denial of Service (DoS) attack. To cope with the above-introduced threat, in this paper we propose a lightweight DoS attack detection and mitigation method (DeMi) as well as a heavy-load management module. The proposed solution for detection leverages a sample entropy approach coupled with an adaptive dynamic threshold considering an exponentially weighted moving average (EWMA); the mitigation approach is based on proof of work (PoW) combined with flow rule installations; and, the heavy-load management method implements a scheduling approach at the SDN controller. Results are staggering: for instance, when DeMi is deployed, in an attack scenario the number of exchanged control packets is roughly similar to the attack-free scenario—without DeMi, the number of control packets in the network is 2,7 times more than what experienced in an attack-free setting. As per the number of re-transmitted packets, again, DeMi is able to achieve a re-transmission rate similar to an attack-free scenario—without DeMi the of packets that need to be re-transmitted is roughly 3,7 times the number of packets re-transmission occurring in an attack-free scenario. Moreover, DeMi does not block legitimate traffic, contrary to other solutions in the literature. The novelty of the approach, the demonstrated complete end-to-end solution, and the quality of the achieved experimental results, other than being interesting on their own, do pave the way for further research in this field.</p><h2>Other Information</h2><p dir="ltr">Published in: IEEE Access<br>License: <a href="http://creativecommons.org/licenses/by/4.0" target="_blank">http://creativecommons.org/licenses/by/4.0</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.1109/access.2023.3301994" target="_blank">https://dx.doi.org/10.1109/access.2023.3301994</a></p>2023-08-04T12:00:00ZTextJournal contributioninfo:eu-repo/semantics/publishedVersiontextcontribution to journal10.1109/access.2023.3301994https://figshare.com/articles/journal_contribution/DeMi_A_Solution_to_Detect_and_Mitigate_DoS_Attacks_in_SDN/25205288CC BY 4.0info:eu-repo/semantics/openAccessoai:figshare.com:article/252052882023-08-04T12:00:00Z |
| spellingShingle | DeMi: A Solution to Detect and Mitigate DoS Attacks in SDN Lubna Fayez Eliyan (17949290) Engineering Electrical engineering Electronics, sensors and digital hardware Materials engineering Entropy Control systems IP networks Feature extraction Proof of Work Electronic mail Behavioral sciences SDN DoS DDoS security detection mitigation load balancing |
| status_str | publishedVersion |
| title | DeMi: A Solution to Detect and Mitigate DoS Attacks in SDN |
| title_full | DeMi: A Solution to Detect and Mitigate DoS Attacks in SDN |
| title_fullStr | DeMi: A Solution to Detect and Mitigate DoS Attacks in SDN |
| title_full_unstemmed | DeMi: A Solution to Detect and Mitigate DoS Attacks in SDN |
| title_short | DeMi: A Solution to Detect and Mitigate DoS Attacks in SDN |
| title_sort | DeMi: A Solution to Detect and Mitigate DoS Attacks in SDN |
| topic | Engineering Electrical engineering Electronics, sensors and digital hardware Materials engineering Entropy Control systems IP networks Feature extraction Proof of Work Electronic mail Behavioral sciences SDN DoS DDoS security detection mitigation load balancing |