Abstract
This paper addresses how to detect denial-of-service attacks using sFlow. Denial-of-service (DoS) attack is a critical security challenge in software-defined network (SDN). In DoS attack, the network bandwidth is acquired by disrupting the services of the server by abruptly increasing the traffic and making the server unavailable for other users. The most challenging problem of DoS attack is to detect the attack almost instantly and in a precise manner. This paper presents the detection of DoS attacks by using sFlow analyzer, a SDNs flow monitoring tool. In the event of any attack, sFlow collects sample packets from network traffic, analyzes suspicious behavior and creates handling rules which are then sent to the controller. Implementation of DoS attack is carried out by emulating a typical network in Mininet and integrating this with sFlow analyzer. Through the simulated results, the potential DoS victims and attackers are quickly found.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ambrosin M, Conti M, De Gaspari F, Poovendran R (2017) Lineswitch: tackling control plane saturation attacks in software-defined networking. IEEE/ACM Trans Netw (TON) 25(2):1206–1219
Dridi L, Zhani MF (2018) A holistic approach to mitigating DOS attacks in SDN networks. Int J Netw Manag 28(1):e1996
Jyothirmai P, Raj JS, Smys S (2017) Secured self organizing network architecture in wireless personal networks. Wirel Pers Commun 96(4):5603–5620
Nugraha M, Paramita I, Musa A, Choi D, Cho B (2014) Utilizing OpenFlow and sFlow to detect and mitigate SYN flooding attack, 17(8):988–994
Ombase PM et al (2017) Survey on DOS attack challenges in software defined networking. Int J Comput App 975:8887
Othman RA (2000) Understanding the various types of denial of service attack. Bus Week Online. Accessed 12 Feb 2000
Peter: Mininet flow analytics. https://blog.sflow.com/2016/05/mininet-flow-analytics.html. Accessed 10 Jan 2019
Scarlato M. Network monitoring in software defined networking (thesis). Accessed 30 Jul 2014
Shang G, Zhe P, Bin X, Aiqun H, Kui R (2017) Flooddefender: protecting data and control plane resources under SDN-aimed DOS attacks. In: INFOCOM 2017-IEEE conference on computer communications. IEEE, pp 1–9
Sridhar S, Smys S (2016) A hybrid multilevel authentication scheme for private cloud environment. In: 2016 10th international conference on intelligent systems and control (ISCO). IEEE, pp 1–5
Stallings W (2015) Foundations of modern networking: SDN, NFV, QoE, IoT, and Cloud. Addison-Wesley Professional
Swapna AI, Reza MRH, Aion MK (2016) Security analysis of software defined wireless network monitoring with sFlow and FlowVisor. In: International conference on communication and electronics systems (ICCES). IEEE, pp 1–7
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Hublikar, S., Eligar, V., Kakhandki, A. (2020). Detecting Denial-of-Service Attacks Using sFlow. In: Ranganathan, G., Chen, J., Rocha, Á. (eds) Inventive Communication and Computational Technologies. Lecture Notes in Networks and Systems, vol 89. Springer, Singapore. https://doi.org/10.1007/978-981-15-0146-3_46
Download citation
DOI: https://doi.org/10.1007/978-981-15-0146-3_46
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-0145-6
Online ISBN: 978-981-15-0146-3
eBook Packages: EngineeringEngineering (R0)