Skip to main content
SpringerLink
Log in

Performance analysis of ODL and RYU controllers’ against DDoS attack in software defined networks

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

Software-defined networking (SDN) is a new way of designing and managing networks. The central SDN controller serves as the network’s brain in the control plane. This paper compares the performance of OpenDayLight (ODL) and Ryu SDN controllers by installing the most stable version of the controllers on a realistic test environment, Mininet, on which several other SDN controllers are built. The sFlow and snort tools have been used to compare the performance of the two controllers for a variety of different workloads. Tests were carried out by launching Distributed Denial of Service (DDoS) attacks on the host, stopping them, and then examining the outcomes. Experimental results show that the ODL controller is more effective than the Ryu controller in dealing with DDoS attacks on the SDN network. DDoS attacks are detected using Mininet analysis and the tools Snort and sFlow. The results also show that both controllers perform better in terms of flow setup latency and load shedding performance compared to the Ryu controller. The ODL controller exceeds the Ryu controller in levels of jitter, and its computational complexity outperforms the Ryu controller in terms of processing power. Based on these test findings, it can be concluded that both controllers perform equally well in terms of jitter and ODL is more reliable than Ryu.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16

Similar content being viewed by others

References

  1. Altamemi, A.-J., Abdulhassan, A., Obeis, N.-T.: DDoS attack detection in software defined networking controller using machine learning techniques. Bulletin of Electrical Engineering and Informatics. 11(5), 2836–2844 (2022)

    Article  Google Scholar 

  2. Yungaicela, N.-N.-M., Vargas-Rosales, C., Perez-Diaz, J.-A., Carrera, D.-F.: A flexible SDN-based framework for slow-rate DDoS attack mitigation by using deep reinforcement learning. J. Netw. Comput. Appl. 205, 103444 (2022)

    Article  Google Scholar 

  3. Mohammadi, R., Lal, C., Conti, M., Sharma, L.: Software defined network-based HTTP flooding attack defender. Comput. Electr. Eng. 101, 108019 (2022)

    Article  Google Scholar 

  4. Badotra, S., Panda, S.-N.: Evaluation and comparison of OpenDayLight and open networking operating system in software-defined networking. Clust. Comput. 23(2), 1281–1291 (2020)

    Article  Google Scholar 

  5. Aslam, M., Ye, D., Tariq, A., Asad, M., Hanif, M., Ndzi, D., Jilani, S.-F.: Adaptive machine learning based distributed denial-of-services attacks detection and mitigation system for SDN-enabled iot. Sensors. 22(7), 2697 (2022)

    Article  Google Scholar 

  6. Priyadarshini, R., Barik, R.-K.: A deep learning based intelligent framework to mitigate DDoS attack in fog environment. J. King Saud Univ. - Comput. Inf. Sci. 34(3), 825–831 (2019)

    Google Scholar 

  7. Muragaa, W. H.: The single packet Low-rate DDoS attack detection and prevention in SDN. 2022 IEEE 2nd International Maghreb Meeting of the Conference on Sciences and Techniques of Automatic Control and Computer Engineering (MI-STA). 323–328 (2022)

  8. Aslam, N., Srivastava, S., Gore, M.-M.: Onos flood defender: an intelligent approach to mitigate DDoS attack in SDN. Transactions on Emerging Telecommunications Technologies. 33(9), e4534 (2022)

    Article  Google Scholar 

  9. Patil, J., Tokekar, V., Rajan, A., et al.: Discriminate, locate and mitigate DDoS traffic in presence of Flash Crowd in Software Defined Network. J. Supercomput. 78, 16770–16793 (2022)

    Article  Google Scholar 

  10. Gupta, N., Tanwar, S., Badotra, S., Behal, S.: Performance Analysis of SDN Controller. Int. J. Performability. Eng. 18(8), 537–544 (2022)

    Article  Google Scholar 

  11. Batool, S., Zeeshan Khan, F., Qaiser Ali Shah, S., Ahmed, M., Alroobaea, R., Baqasah, A.M., Ali, I., Ahsan Raza, M.: Lightweight Statistical Approach towards TCP SYN Flood DDoS Attack Detection and Mitigation in SDN Environment. Security and Communication Networks 2022, 1–14 (2022)

    Article  Google Scholar 

  12. Tang, D., Yan, Y., Zhang, S., Chen, J., Qin, Z.: Performance and features: mitigating the low-rate TCP-targeted DoS attack via SDN. IEEE J. Sel. Areas Commun. 40(1), 428–444 (2021)

    Article  Google Scholar 

  13. Sudar, K.-M., Deepalakshmi, P.: Flow-based detection and mitigation of low-rate DDOS attack in SDN environment using machine learning techniques. IoT and Analytics for Sensor Networks. 244, 193–205 (2022)

    Article  Google Scholar 

  14. Al-Mehdhara, M., Ruan, N.: MSOM: efficient mechanism for defense against DDoS attacks in VANET. Wirel. Commun. Mob. Comput. 2021, 1–17 (2021)

    Article  Google Scholar 

  15. Saritha, A., Reddy, B.-R., Babu, A.S.: QEMDD: Quantum inspired ensemble model to detect and mitigate DDoS attacks at various layers of SDN architecture. Wirel. Pers. Commun. 127(3), 1–26 (2021)

    Google Scholar 

  16. Cherian, M., Verma, S.: Integration of IoT and SDN to mitigate DDoS with RYU Controller. Computer Networks, Big Data and IoT. 66, 673–684 (2021)

    Article  Google Scholar 

  17. Gupta, N., Maashi, M.-S., Tanwar, S., Badotra, S., Aljebreen, M., Bharany, S.: A Comparative study of software defined networking controllers using mininet. Electronics 11(17), 2715 (2022)

    Article  Google Scholar 

  18. Whittle, C.S., Liu, H.: Effectiveness of entropy-based DDoS prevention for software defined networks, pp. 1–7. 2021 IEEE International Symposium on Technologies for Homeland Security (HST) (2021)

    Google Scholar 

  19. Tahmasebi, A., Salahi, A., Pourmina, M.A.: A novel feature-based DDoS detection and mitigation scheme in SDN controller using queueing theory. Wirel. Pers. Commun. 117(3), 1985–2006 (2021)

    Article  Google Scholar 

  20. Agrawal, N., Tapaswi, S.: An SDN-assisted defense mechanism for the shrew DDoS attack in a cloud computing environment. J. Netw. Syst. Manage. 29(2), 1–28 (2021)

    Article  Google Scholar 

  21. Nurwarsito, H., Nadhif, M. F.: DDoS Attack Early Detection and Mitigation System on SDN using Random Forest Algorithm and Ryu Framework. 2021 8th International Conference on Computer and Communication Engineering (ICCCE). 178–183 (2021)

  22. Pradeepa, R., Pushpalatha, M.: IPR: Intelligent Proactive Routing model toward DDoS attack handling in SDN. J. Supercomput. 77(11), 12355–12381 (2021)

    Article  Google Scholar 

  23. Ravi, N., Shalinie, S.-M., Theres, D.-D.-J.: BALANCE: link flooding attack detection and mitigation via hybrid-SDN. IEEE Trans. Netw. Serv. Manage. 17(3), 1715–1729 (2020)

    Article  Google Scholar 

  24. Tayfour, O.-E., Marsono, M.N.: Collaborative detection and mitigation of distributed denial-of-service attacks on software-defined network. Mobile Networks and Applications. 25(4), 1338–1347 (2020)

    Article  Google Scholar 

  25. Sumantra, I., Gandhi, S.-I.: DDoS attack detection and mitigation in software defined networks. 2020 International Conference on System, Computation, Automation and Networking (ICSCAN). 1–5 (2020)

  26. Silveira, F.-A.-F., Lima-Filho, F., Silva, F.-S.-D., Junior, A. D.-M.-B., Silveira, L.-F.: Smart detection-IoT: A DDoS sensor system for Internet of Things. 2020 International Conference on Systems, Signals and Image Processing (IWSSIP). 343–348 (2020)

  27. Bardalai, P., Medhi, N., Chakraborty, S.-K.: DoubleTrApp: A Weak Vertex Cover based DDoS Detection and Mitigation scheme using SDN approach. 2019 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS). 1–6 (2019)

  28. Ali, J., Lee, S., & Roh, B. H. Performance analysis of POX and Ryu with different SDN topologies. In Proceedings of the 1st International Conference on Information Science and Systems pp. 244–249. (2018)

  29. Wang, J., Wen, R., Li, J., Yan, F., Zhao, B., Yu, F.: Detecting and mitigating target link-flooding attacks using SDN. IEEE Trans. Dependable Secure Comput. 16(6), 944–956 (2018)

    Article  Google Scholar 

  30. Dissanayake, M.-B., Kumari, A.-L.-V., Udunuwara, U.-K.-A.: Performance comparison of onosand odlcontrollers. J Res Technol Eng. 2, 94–105 (2021)

    Google Scholar 

  31. Pattanaik, A., Gupta, A., Kanavalli, A.: Early Detection and Diminution of DDoS attack instigated by compromised switches on the controller in Software Defined Networks. 2019 IEEE International Conference on Distributed Computing, VLSI, Electrical Circuits and Robotics (DISCOVER). 1–5 (2019)

  32. Li, D., Yu, C., Zhou, Q., Yu, J.: Using SVM to detect DDoS attack in SDN network. IOP Conference Series: Materials Science and Engineering. 466(1), 012003 (2018)

    Google Scholar 

  33. Tran, N.-T., Le, T.-L., Tran, M.-A.-T.: ODL-ANTIFLOOD: A comprehensive solution for securing OpenDayLight controller. 2018 International Conference on Advanced Computing and Applications (ACOMP). 14–21 (2018)

  34. He, B., Zou, F., and Wu, Y.: Multi-SDN based cooperation scheme for DDoS attack defense. 2018 Third International Conference on Security of Smart Cities, Industrial Control System and Communications (SSIC). 1–7 (2018)

  35. Kalkan, K., Altay, L., Gür, G., Alagöz, F.: JESS: Joint entropy-based DDoS defense scheme in SDN. IEEE J. Sel. Areas Commun. 36(10), 2358–2372 (2018)

    Article  Google Scholar 

  36. Bhunia, S.-S., Gurusamy, M.: Dynamic attack detection and mitigation in IoT using SDN. 2017 27th International telecommunication networks and applications conference (ITNAC). 1–6 (2017)

  37. Boite, J., Nardin, P.-A., Rebecchi, F., Bouet, M., Conan, V.: Statesec: Stateful monitoring for DDoS protection in software defined networks. 2017 IEEE Conference on Network Softwarization (NetSoft). 1–9 (2017)

  38. Yan, Q., Gong, Q., Deng, F.A.: Detection of DDoS attacks against wireless SDN controllers based on the fuzzy synthetic evaluation decision-making model. Adhoc & Sensor Wireless Networks. 33(1–4), 275–299 (2016)

    Google Scholar 

  39. Badotra, S., Panda, S.N.: SNORT based early DDoS detection system using Opendaylight and open networking operating system in software defined networking. Clust. Comput. 24(1), 501–513 (2021)

    Article  Google Scholar 

  40. Mousavi, S.-M., St-Hilaire, M.: Early detection of DDoS attacks against SDN controllers. 2015 international conference on computing, networking and communications (ICNC). 77–81 (2015)

  41. Geddes, K.O., Czapor, S.R., Labahn, G.: Time-based DDoS detection and mitigation for SDN controller, pp. 550–553. 2015 17th Asia-Pacific Network Operations and Management Symposium (APNOMS) (2015)

    Google Scholar 

  42. Gundaboina L, Badotra S, Tanwar S. Reducing resource and energy consumption in cryptocurrency mining by using both proof-of-stake algorithm and renewable energy. In 2022 International Mobile and Embedded Technology Conference (MECON) pp. 605–610. IEEE. (2022)

  43. Lee, S., Kim, J., Woo, S., Yoon, C., Scott-Hayward, S., Yegneswaran, V., Porras, P., Shin, S.: A comprehensive security assessment framework for software-defined networks. Comput. Secur. 91, 101720 (2020)

    Article  Google Scholar 

  44. Tanwar, S., Badotra, S., Gupta, M., Rana, A.: Efficient and secure multiple digital signature to prevent forgery based on ECC. International Journal of Applied Science and Engineering. 18(5), 1–7 (2021)

    Article  Google Scholar 

  45. Chandroth J, Roh BH, Ali J. Performance analysis of python based SDN controllers over real internet topology. In 2022 Thirteenth International Conference on Ubiquitous and Future Networks (ICUFN) pp. 283–288. IEEE. (2022)

  46. Ali, J., Roh, B.H., Lee, S.: QoS improvement with an optimum controller selection for software-defined networks. PLoS ONE 14(5), e0217631 (2019)

    Article  Google Scholar 

  47. Gupta, M., Tanwar, S., Bhatia, T.K., Badotra, S., Hu, Y.C.: A comparative study on blockchain-based distributed public key infrastructure for IoT applications. Multimedia Tools and Applications. 29, 1–26 (2023)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Amity Institute of Information Technology, Amity University, Noida, India

    Neelam Gupta & Sarvesh Tanwar

  2. School of Computer Science Engineering and Technology, Bennett University, Greater Noida, Uttar Pradesh, India

    Sumit Badotra

Authors
  1. Neelam Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sarvesh Tanwar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sumit Badotra
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

N.G- Main manuscript written, Methodology S.T- Conceptualization, supervision, Review & Editing S.B- Proof reading, Review & Editing.

Corresponding author

Correspondence to Sumit Badotra.

Ethics declarations

Competing interests

The authors declare no competing interests.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Gupta, N., Tanwar, S. & Badotra, S. Performance analysis of ODL and RYU controllers’ against DDoS attack in software defined networks. Cluster Comput (2024). https://doi.org/10.1007/s10586-024-04535-y

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10586-024-04535-y

Keywords

Search

Navigation