SDN-Based Intrusion Detection System for Early Detection and Mitigation of DDoS Attacks
Open Access
- 8 March 2019
- journal article
- research article
- Published by MDPI AG in Information
- Vol. 10 (3), 106
- https://doi.org/10.3390/info10030106
Abstract
This paper addresses network security vulnerabilities introduced by network devices within the emerging paradigm of the Internet of Things (IoT), as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that try to exploit those security weaknesses. We design and implement a Software-Defined Intrusion Detection System (IDS) that reactively impairs attacks at their origin, ensuring the “normal operation” of the network infrastructure. Our proposal includes an IDS that automatically detects several DDoS attacks and, when an attack is detected, notifies a Software Defined Networking (SDN) controller. The proposal also downloads suitable traffic forwarding decisions from the SDN controller to network devices. The evaluation results suggest that our proposal detects several types of DDoS-based cyber-attacks in a timely manner, mitigates their negative impact on network performance, and ensures the correct delivery of normal traffic. Our work sheds light on the relevance of programming over an abstracted view of the network infrastructure to detect Botnet exploitation in a timely manner, mitigate malicious traffic at its source, and protect benign traffic.