Abstract
Software-defined networking (SDN) is a new way of designing and managing networks. The central SDN controller serves as the network’s brain in the control plane. This paper compares the performance of OpenDayLight (ODL) and Ryu SDN controllers by installing the most stable version of the controllers on a realistic test environment, Mininet, on which several other SDN controllers are built. The sFlow and snort tools have been used to compare the performance of the two controllers for a variety of different workloads. Tests were carried out by launching Distributed Denial of Service (DDoS) attacks on the host, stopping them, and then examining the outcomes. Experimental results show that the ODL controller is more effective than the Ryu controller in dealing with DDoS attacks on the SDN network. DDoS attacks are detected using Mininet analysis and the tools Snort and sFlow. The results also show that both controllers perform better in terms of flow setup latency and load shedding performance compared to the Ryu controller. The ODL controller exceeds the Ryu controller in levels of jitter, and its computational complexity outperforms the Ryu controller in terms of processing power. Based on these test findings, it can be concluded that both controllers perform equally well in terms of jitter and ODL is more reliable than Ryu.
Similar content being viewed by others
References
Altamemi, A.-J., Abdulhassan, A., Obeis, N.-T.: DDoS attack detection in software defined networking controller using machine learning techniques. Bulletin of Electrical Engineering and Informatics. 11(5), 2836–2844 (2022)
Yungaicela, N.-N.-M., Vargas-Rosales, C., Perez-Diaz, J.-A., Carrera, D.-F.: A flexible SDN-based framework for slow-rate DDoS attack mitigation by using deep reinforcement learning. J. Netw. Comput. Appl. 205, 103444 (2022)
Mohammadi, R., Lal, C., Conti, M., Sharma, L.: Software defined network-based HTTP flooding attack defender. Comput. Electr. Eng. 101, 108019 (2022)
Badotra, S., Panda, S.-N.: Evaluation and comparison of OpenDayLight and open networking operating system in software-defined networking. Clust. Comput. 23(2), 1281–1291 (2020)
Aslam, M., Ye, D., Tariq, A., Asad, M., Hanif, M., Ndzi, D., Jilani, S.-F.: Adaptive machine learning based distributed denial-of-services attacks detection and mitigation system for SDN-enabled iot. Sensors. 22(7), 2697 (2022)
Priyadarshini, R., Barik, R.-K.: A deep learning based intelligent framework to mitigate DDoS attack in fog environment. J. King Saud Univ. - Comput. Inf. Sci. 34(3), 825–831 (2019)
Muragaa, W. H.: The single packet Low-rate DDoS attack detection and prevention in SDN. 2022 IEEE 2nd International Maghreb Meeting of the Conference on Sciences and Techniques of Automatic Control and Computer Engineering (MI-STA). 323–328 (2022)
Aslam, N., Srivastava, S., Gore, M.-M.: Onos flood defender: an intelligent approach to mitigate DDoS attack in SDN. Transactions on Emerging Telecommunications Technologies. 33(9), e4534 (2022)
Patil, J., Tokekar, V., Rajan, A., et al.: Discriminate, locate and mitigate DDoS traffic in presence of Flash Crowd in Software Defined Network. J. Supercomput. 78, 16770–16793 (2022)
Gupta, N., Tanwar, S., Badotra, S., Behal, S.: Performance Analysis of SDN Controller. Int. J. Performability. Eng. 18(8), 537–544 (2022)
Batool, S., Zeeshan Khan, F., Qaiser Ali Shah, S., Ahmed, M., Alroobaea, R., Baqasah, A.M., Ali, I., Ahsan Raza, M.: Lightweight Statistical Approach towards TCP SYN Flood DDoS Attack Detection and Mitigation in SDN Environment. Security and Communication Networks 2022, 1–14 (2022)
Tang, D., Yan, Y., Zhang, S., Chen, J., Qin, Z.: Performance and features: mitigating the low-rate TCP-targeted DoS attack via SDN. IEEE J. Sel. Areas Commun. 40(1), 428–444 (2021)
Sudar, K.-M., Deepalakshmi, P.: Flow-based detection and mitigation of low-rate DDOS attack in SDN environment using machine learning techniques. IoT and Analytics for Sensor Networks. 244, 193–205 (2022)
Al-Mehdhara, M., Ruan, N.: MSOM: efficient mechanism for defense against DDoS attacks in VANET. Wirel. Commun. Mob. Comput. 2021, 1–17 (2021)
Saritha, A., Reddy, B.-R., Babu, A.S.: QEMDD: Quantum inspired ensemble model to detect and mitigate DDoS attacks at various layers of SDN architecture. Wirel. Pers. Commun. 127(3), 1–26 (2021)
Cherian, M., Verma, S.: Integration of IoT and SDN to mitigate DDoS with RYU Controller. Computer Networks, Big Data and IoT. 66, 673–684 (2021)
Gupta, N., Maashi, M.-S., Tanwar, S., Badotra, S., Aljebreen, M., Bharany, S.: A Comparative study of software defined networking controllers using mininet. Electronics 11(17), 2715 (2022)
Whittle, C.S., Liu, H.: Effectiveness of entropy-based DDoS prevention for software defined networks, pp. 1–7. 2021 IEEE International Symposium on Technologies for Homeland Security (HST) (2021)
Tahmasebi, A., Salahi, A., Pourmina, M.A.: A novel feature-based DDoS detection and mitigation scheme in SDN controller using queueing theory. Wirel. Pers. Commun. 117(3), 1985–2006 (2021)
Agrawal, N., Tapaswi, S.: An SDN-assisted defense mechanism for the shrew DDoS attack in a cloud computing environment. J. Netw. Syst. Manage. 29(2), 1–28 (2021)
Nurwarsito, H., Nadhif, M. F.: DDoS Attack Early Detection and Mitigation System on SDN using Random Forest Algorithm and Ryu Framework. 2021 8th International Conference on Computer and Communication Engineering (ICCCE). 178–183 (2021)
Pradeepa, R., Pushpalatha, M.: IPR: Intelligent Proactive Routing model toward DDoS attack handling in SDN. J. Supercomput. 77(11), 12355–12381 (2021)
Ravi, N., Shalinie, S.-M., Theres, D.-D.-J.: BALANCE: link flooding attack detection and mitigation via hybrid-SDN. IEEE Trans. Netw. Serv. Manage. 17(3), 1715–1729 (2020)
Tayfour, O.-E., Marsono, M.N.: Collaborative detection and mitigation of distributed denial-of-service attacks on software-defined network. Mobile Networks and Applications. 25(4), 1338–1347 (2020)
Sumantra, I., Gandhi, S.-I.: DDoS attack detection and mitigation in software defined networks. 2020 International Conference on System, Computation, Automation and Networking (ICSCAN). 1–5 (2020)
Silveira, F.-A.-F., Lima-Filho, F., Silva, F.-S.-D., Junior, A. D.-M.-B., Silveira, L.-F.: Smart detection-IoT: A DDoS sensor system for Internet of Things. 2020 International Conference on Systems, Signals and Image Processing (IWSSIP). 343–348 (2020)
Bardalai, P., Medhi, N., Chakraborty, S.-K.: DoubleTrApp: A Weak Vertex Cover based DDoS Detection and Mitigation scheme using SDN approach. 2019 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS). 1–6 (2019)
Ali, J., Lee, S., & Roh, B. H. Performance analysis of POX and Ryu with different SDN topologies. In Proceedings of the 1st International Conference on Information Science and Systems pp. 244–249. (2018)
Wang, J., Wen, R., Li, J., Yan, F., Zhao, B., Yu, F.: Detecting and mitigating target link-flooding attacks using SDN. IEEE Trans. Dependable Secure Comput. 16(6), 944–956 (2018)
Dissanayake, M.-B., Kumari, A.-L.-V., Udunuwara, U.-K.-A.: Performance comparison of onosand odlcontrollers. J Res Technol Eng. 2, 94–105 (2021)
Pattanaik, A., Gupta, A., Kanavalli, A.: Early Detection and Diminution of DDoS attack instigated by compromised switches on the controller in Software Defined Networks. 2019 IEEE International Conference on Distributed Computing, VLSI, Electrical Circuits and Robotics (DISCOVER). 1–5 (2019)
Li, D., Yu, C., Zhou, Q., Yu, J.: Using SVM to detect DDoS attack in SDN network. IOP Conference Series: Materials Science and Engineering. 466(1), 012003 (2018)
Tran, N.-T., Le, T.-L., Tran, M.-A.-T.: ODL-ANTIFLOOD: A comprehensive solution for securing OpenDayLight controller. 2018 International Conference on Advanced Computing and Applications (ACOMP). 14–21 (2018)
He, B., Zou, F., and Wu, Y.: Multi-SDN based cooperation scheme for DDoS attack defense. 2018 Third International Conference on Security of Smart Cities, Industrial Control System and Communications (SSIC). 1–7 (2018)
Kalkan, K., Altay, L., Gür, G., Alagöz, F.: JESS: Joint entropy-based DDoS defense scheme in SDN. IEEE J. Sel. Areas Commun. 36(10), 2358–2372 (2018)
Bhunia, S.-S., Gurusamy, M.: Dynamic attack detection and mitigation in IoT using SDN. 2017 27th International telecommunication networks and applications conference (ITNAC). 1–6 (2017)
Boite, J., Nardin, P.-A., Rebecchi, F., Bouet, M., Conan, V.: Statesec: Stateful monitoring for DDoS protection in software defined networks. 2017 IEEE Conference on Network Softwarization (NetSoft). 1–9 (2017)
Yan, Q., Gong, Q., Deng, F.A.: Detection of DDoS attacks against wireless SDN controllers based on the fuzzy synthetic evaluation decision-making model. Adhoc & Sensor Wireless Networks. 33(1–4), 275–299 (2016)
Badotra, S., Panda, S.N.: SNORT based early DDoS detection system using Opendaylight and open networking operating system in software defined networking. Clust. Comput. 24(1), 501–513 (2021)
Mousavi, S.-M., St-Hilaire, M.: Early detection of DDoS attacks against SDN controllers. 2015 international conference on computing, networking and communications (ICNC). 77–81 (2015)
Geddes, K.O., Czapor, S.R., Labahn, G.: Time-based DDoS detection and mitigation for SDN controller, pp. 550–553. 2015 17th Asia-Pacific Network Operations and Management Symposium (APNOMS) (2015)
Gundaboina L, Badotra S, Tanwar S. Reducing resource and energy consumption in cryptocurrency mining by using both proof-of-stake algorithm and renewable energy. In 2022 International Mobile and Embedded Technology Conference (MECON) pp. 605–610. IEEE. (2022)
Lee, S., Kim, J., Woo, S., Yoon, C., Scott-Hayward, S., Yegneswaran, V., Porras, P., Shin, S.: A comprehensive security assessment framework for software-defined networks. Comput. Secur. 91, 101720 (2020)
Tanwar, S., Badotra, S., Gupta, M., Rana, A.: Efficient and secure multiple digital signature to prevent forgery based on ECC. International Journal of Applied Science and Engineering. 18(5), 1–7 (2021)
Chandroth J, Roh BH, Ali J. Performance analysis of python based SDN controllers over real internet topology. In 2022 Thirteenth International Conference on Ubiquitous and Future Networks (ICUFN) pp. 283–288. IEEE. (2022)
Ali, J., Roh, B.H., Lee, S.: QoS improvement with an optimum controller selection for software-defined networks. PLoS ONE 14(5), e0217631 (2019)
Gupta, M., Tanwar, S., Bhatia, T.K., Badotra, S., Hu, Y.C.: A comparative study on blockchain-based distributed public key infrastructure for IoT applications. Multimedia Tools and Applications. 29, 1–26 (2023)
Author information
Authors and Affiliations
Contributions
N.G- Main manuscript written, Methodology S.T- Conceptualization, supervision, Review & Editing S.B- Proof reading, Review & Editing.
Corresponding author
Ethics declarations
Competing interests
The authors declare no competing interests.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Gupta, N., Tanwar, S. & Badotra, S. Performance analysis of ODL and RYU controllers’ against DDoS attack in software defined networks. Cluster Comput (2024). https://doi.org/10.1007/s10586-024-04535-y
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10586-024-04535-y