Abstract
World is emerging into global village with the support of internet connectivity. With the help of this connectivity, it also made everyone subject of being compromised. Many organizations’ confidential data and numerous online services become victim of cyber-attacks. Different researches and innovations have been made for making network secure but commercial routers limit them to deploy custom security algorithms in real network. Recently, researchers succeed to innovate a novel protocol OpenFlow in Software Defined Networks. Taking advantage of this innovation we utilized OpenFlow to analyze real-time traffic, detect DDoS attack and mitigate attack. In this paper, we proposed a methodology to automatically detect different type of DDoS attacks within few seconds of occurrence using sampling techniques for continuous monitoring site-wide traffic and block attacking source with the help of OpenFlow protocol.
This is a preview of subscription content, log in via an institution.
References
Feamster, N., Rexford, J., Zegura, E.: The road to SDN: an intellectual history of programmable networks. ACM SIGCOMM Comput. Commun. Rev. 44(2), 87–98 (2014)
McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L., Rexford, J., Shenker, S., Turner, J.: OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput. Commun. Rev. 38(2), 42–47 (2008)
Yao, G., Bi, J., Xiao, P.: Source address validation solution with OpenFlow/NOX architecture. In: Proceedings of International Conference on Network Protocol (ICNP), pp. 7–12 (2011)
Shin, S., Gu, G.: CloudWatcher: network security monitoring using openflow in dynamic cloud networks. In: Proceedings of International Conference on Network Protocol (ICNP), pp. 1–6 (2012)
Kumar, S., Kumar, T., Singh, G., Nehra, M.S.: Open flow switch with intrusion detection system. Int. J. Sci. Res. Eng. Technol. (IJSRET) 1, 1–4 (2012)
Li, J., Berg, S., Zhang, M., Reiher, P., Wei, T.: DrawBridge-software-defined DDoS-resistant traffic engineering. In: SIGCOMM 2014, pp. 591–592 (2014)
Sahay, R., Blanc, G., Zhang, Z., Debar, H.: Towards autonomic DDoS mitigation using software defined networking (2015, to appear)
Mousavi, S.M.: Early detection of DDoS attacks in software defined networks controller. Thesis, Carleton University, Ottawa, Ontario (2014)
Mehdi, S.A., Khalid, J., Khayam, S.A.: Revisiting traffic anomaly detection using software defined networking. In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol. 6961, pp. 161–180. Springer, Heidelberg (2011). doi:10.1007/978-3-642-23644-0_9
Braga, R., Edjard, M., Passito, A.: Lightweight DDoS flooding attack detection using NOX, OpenFlow. In: LCN 10 Proceedings of the IEEE 35th Conference on Local Computer, pp. 408–415 (2010)
Shin, S., Porras, P., Yegneswaran, V., Fong, M. GU, G., Tyson, M.: FRESCO: modular composable security services for software-defined networks. In: Proceedings of Network and Distributed Security Symposium (2013)
Phaal, P., Panchen, S., McKee, N.: InMon corporations sFlow: a method for monitoring traffic in switched and routed networks. IETF, RFC 3176, pp. 1–31 (2001)
Ur Rehman, S., Song, W.-C., Kang, M.: Network-wide traffic visibility in OF@TEIN SDN testbed using sFlow. In: Network Operations and Management Symposium (APNOMS), pp. 1–6. IEEE (2014)
Kim, H., Reich, J., Gupta, A., Shahbaz, M., Feamster, N., Clark, R.: Kinetic: verifiable dynamic network control. In: USENIX NSDI (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Shahzad, F., Khan, M.A., Khan, S.A., Rehman, S., Akhlaq, M. (2017). AutoDrop: Automatic DDoS Detection and Its Mitigation with Combination of OpenFlow and sFlow. In: Ferreira, J., Alam, M. (eds) Future Intelligent Vehicular Technologies. Future 5V 2016. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 185. Springer, Cham. https://doi.org/10.1007/978-3-319-51207-5_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-51207-5_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-51206-8
Online ISBN: 978-3-319-51207-5
eBook Packages: Computer ScienceComputer Science (R0)