Detracting TCP-Syn Flooding Attacks in Software Defined Networking Environment
The Internet is a platform where everything is connected with everything else and is accessible from anywhere. Moreover, with users spread widely across the globe, traditional IP networks are complex and very hard to manage. Software-Defined Networking (SDN) is a completely virtual model that changes the traditional state of affairs in networking by separating the network's control plane from the data plane; in turn, network control is carried out centrally by the SDN program. However, it has been shown time and again that SDN is vulnerable to various kinds of attacks, such as Distributed Denial of Service (DDoS), Denial of Service (DoS), and dictionary attacks. DDoS attacks mounted by botnets have been termed the biggest threat to Internet security today; they target a specific service, mobilizing only a small amount of legitimate-looking traffic to compromise the server. Identifying attacks and protecting the network from them using unstable traffic statistics is very challenging, and this task has been assigned to the server. In this paper, an attack detection and mitigation application has been implemented in an SDN environment. Additionally, a mechanism has been developed on the server side to differentiate between legitimate and illegitimate users, so that service to the former is not affected.
Keywords: SDN, DDOS, Botnets