Abstract
The study evaluates two Distributed Denial of Service (DDoS) attacks detection schemes, the Cloud based and the Netplumber. The schemes are evaluated in terms of CPU and memory utilization. The main objective is to identify the better algorithm with a view of enhancing the schemes. The related work on detection algorithms was reviewed. The schemes are evaluated in a Software defined and Cognitive Radio (SD-CRN) Network environment. An early detection and lightweight detection schemes is desirable.
The desirable algorithm detects the attack within the least number of packets. It also consumes less memory and the least amount of CPU time on average. The study uses a statistical approach with the covariance matrix to evaluate the effect of the attack on the SD-CRN controller. SD-CRN introduces a programmable, dynamic, adaptable, manageable and cost-effective network architecture.
DDoS attacks deplete the network bandwidth or exhausts the victim’s resources. Researchers have proposed a number of defence mechanisms (such as attack prevention, trackback, reaction, detection, and characterization) in an endeavour to address the effects of the DDoS attacks. Unfortunately, the incidents of the attacks are on the rise. However, the results of this evaluation show that the Netplumber is the promising algorithm.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bany Salameh, H., Krunz, M.: Channel access protocols for multihop opportunistic networks: challenges and recent developments. In: IEEE Network-Special Issue on Networking over Multi-hop Cognitive Networks, July 2017
Stevenson, C., Chouinard, G., Lei, Z., Wendong, H., Shellhammer, S., Caldwell, W.: IEEE 802.22: the first cognitive radio wireless regional area network standard. IEEE Commun. Magaz. 47(1), 130–138 (2009). https://doi.org/10.1109/MCOM.2009.4752688
Marx, S.E., Luck, J.D., Hoy, R.M., Pitla, S.K., Darr, M.J., Blankenship, E.: Validation of machine CAN bus J1939 fuel rate accuracy using Ne-braska Tractor Test Laboratory fuel rate data. Comput. Electron. Agric. 118, 179–185 (2015)
Bera, S., Misra, S., Vasilakos, A.V.: Software-defined networking for Internet of Things: a survey. IEEE Internet Things J. 4(6), 1994–2008 (2017)
wiki. MATLAB (2017). https://en.wikipedia.org/wiki/MATLAB. Accessed 27 Feb 2017
Shin, S., Gu, G.: Attacking Software-Defined Networks: A First Feasibility Study (2013)
Feamste, N., Hyojoo, K.: Improving Network Management with Software Defined Networking (2013)
Mousavi, S.M., St-Hilaire, M.: Early detection of DDoS attacks against SDN controller. In: International Conference on Computing, Networking and Communications, Communications and Information Security Symposium (2015)
Mousavi, S.M., St-Hilaire, M.: Early detection of DDoS attacks against SDN controller. In: International Conference on Computing, Networking and Communications, Communications and Information Security Symposium (2017)
Giotis, K., Androulidakis, G., Maglaris, V.: Leveraging SDN for efficient anomaly detection and mitigation on legacy networks. In: Third European Workshop on Software-Defined Network (2014)
Kokila, R., Selvi, T., Govindaraja, K.: DDoS detection and analysis in SDN-based environment using support vector machine classifier. In: Sixth International Conference on Advanced Computing (ICoAC) (2014)
Khurshid, A., Zou, X., Zhou, W., Caesar, M., Godfrey, P.: VeriFlow: Verifying Network-wide Invariants in Real Time (2013)
Kazemian, P., Chang, M., Zeng, H., Varghese, G., McKeown, N., Whyte, S.: Real Time Network Policy Checking Using Header Space (2013)
Dhawan, M., Poddar, R., Mahajan, K., Mann, V.: SPHINX: Detecting Security Attacks in Software-Defined Networks (2015)
Gkounis, D., Kotronis, V., Dimitropoulos, X.: Towards Defeating the Crossfire Attack using SDN (2013)
Krishnan, R., Durrani, M., Phaal, P.: Real-time SDN Analytics for DDoS mitigation (2014)
Anderson, C.J., et al.: NetKAT: Semantic foundations for networks. InPOPL (2014)
Bailis, P., Andkingsbury, K.: The Network is reliable. Queue 12(7), 20:20–20:32 (2014)
Beckett, R., Zou, X.K., Zhang, S., Malik, S., Rexford, J., Andwalker, D.: An assertion language for debugging SDN applications. In: HotSDN (2014)
Radware. DefenseFlow: The SDN Application that Programs Networks for DoS Security. Network Applications in Software Defined Networking (SDN) (2017)
Morales, L., Murillo, A., Rueda, S.: Extending the floodlight controller. In: 2015 IEEE 14th International Symposium on Network Computing and Applications (2015)
Floodlight. Floodlight Project. http://www.projectfloodlight.org/floodlight/. Accessed 15 July 2016
Bhuyan, M., Kashyap, H., Bhattacharyya, D., Kalita, J.: Detecting Distributed Denial of Service Attacks: Methods, Tools and Future Directions (2017)
Nhu-Ngoc, D., Junho, P., Minho, P., Sungrae, C.: A Feasible Method to combat against DDoS Attack in SDN Network
Aggarwal, A., Gupta, A.: Survey on data mining and IP traceback technique in DDoS attack. Int. J. Eng. Comput. Sci. 4(6), 12595–12598 (2015). ISSN:2319-7242
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Rikhotso, V., Velempini, M. (2022). The Evaluation of the Two Detection Algorithms for Distributed Denial of Service Attack. In: Bao, W., Yuan, X., Gao, L., Luan, T.H., Choi, D.B.J. (eds) Ad Hoc Networks and Tools for IT. ADHOCNETS TridentCom 2021 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 428. Springer, Cham. https://doi.org/10.1007/978-3-030-98005-4_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-98005-4_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-98004-7
Online ISBN: 978-3-030-98005-4
eBook Packages: Computer ScienceComputer Science (R0)