An approach for slow distributed denial of service attack detection and alleviation in software defined networks
- 1. Department of Information Science and Engineering, Dayananda Sagar College of Engineering, Visvesvaraya Technological University, Bengaluru, India
Description
Over the last few years, the need for programmable networks has captured the interest of industrialists and academicians. It has led to the development of a paradigm called software defined network (SDN). It separates the network intelligence into the control plane and forwarding logic into the data plane. This architecture gives scope to various security issues of which denial of service (DoS) is the most common and challenging to detect. This paper focuses on the detection and mitigation of a slow DoS attack called Slowloris on Apache2 server in SDN based networks. The proposed solution is called Slowloris detection and mitigation mechanism (SDMM). Mininet, an emulator, and SimpleHTTPServer are used for simulation and the same is implemented using Zodiac FX OpenFlow switch, Ryu controller and Apache2 server. SDMM algorithm detects and mitigates prolonged Slowloris attack in typical networks as well as in slow networks with low bandwidth and high delay in 240-280s with an accuracy of 100% and 98% respectively. It uses expectation of burst size as a key factor for detection.
Files
46 26809 v25i1 Jan22.pdf
Files
(731.5 kB)
Name | Size | Download all |
---|---|---|
md5:51c86d306d7cbb5ee659618a308347c9
|
731.5 kB | Preview Download |