Skip to main content
SpringerLink
Log in

Reinforcement Learning-Based DoS Mitigation in Software Defined Networks

  • Conference paper
  • First Online:
ICCCE 2018 (ICCCE 2018)

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 500))

  • 1200 Accesses

Abstract

A software defined network (SDN) is an OpenFlow-based network that initiates innovative traffic engineering and also simplifies network maintenance. Network security is still as stringent as that of traditional networks. A denial of service (DoS) attack is a major security issue that makes an entire network’s resources unavailable to its intended users. Blocking the flows based on the number of flows per port threshold was the most common method employed in the past. At some occasions legitimate traffic also takes the huge flow will punish by default rules. In order to address this issue, I proposed a reinforcement learning-based DoS detection model that detects and mitigates huge flows without a decline in normal traffic. An agent periodically monitors and measures network performance. It also rewrites the flow rules dynamically in the case of rule violation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 279.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Braga R, Mota E, Passito A (2010) Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: Proceedings of the conference on local computer networks, LCN, pp 408–415 (2010). https://doi.org/10.1109/lcn.2010.5735752

  2. Solnushkin KS (2013) Automated design of two-layer fat-tree networks

    Google Scholar 

  3. Cai Z, Cox A, Ng TSE (2011) Maestro: a system for scalable OpenFlow control. Rice University

    Google Scholar 

  4. Nayana Y, Tech JM, Girish L (2015) DDoS mitigation using software defined network. 24:258–264

    Google Scholar 

  5. Son NH (2016) A mechanism for early detecting DDOS attacks based on M/G/R PS queue. Int J Netw Secur Appl 8:17–24

    Google Scholar 

  6. Belyaev M, Gaivoronski S (2014) Towards load balancing in SDN-networks during DDoS-Attacks. In: SDN NFV next generation of computational infrastructure—2014 international science technology conference—modern networking technologies, MoNeTec. https://doi.org/10.1109/monetec.2014.6995578

  7. Chin T, Mountrouidou X, Li X, Xiong K (2015) Selective packet inspection to detect DoS flooding using software defined networking (SDN). In: Proceedings of the 2015 IEEE 35th international conference on distributed computing systems workshops, ICDCSW 2015, pp 95–99. https://doi.org/10.1109/icdcsw.2015.27

  8. Ambrosin M, Conti M, De Gaspari F, Poovendran R (2017) LineSwitch: tackling control plane saturation attacks in software-defined networking. IEEE/ACM Trans Netw 25:1206–1219

    Article  Google Scholar 

  9. Shin S, Yegneswaran V, Porras P, Gu G (2013) AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks. In: ACM SIGSAC conference on computer and communications security (CCS 2013), pp 413–424. https://doi.org/10.1145/2508859.2516684

  10. Suh J et al (2010) Implementation of content-oriented networking architecture (CONA): a focus on DDoS countermeasure. In: 1st European NetFPGA developers workshop, pp 1–5

    Google Scholar 

  11. Chellani N, Tejpal P, Hari P (2016) Enhancing security in OpenFlow, pp 1–10

    Google Scholar 

  12. Dridi L, Zhani MF (2016) SDN-guard: DoS attacks mitigation in SDN networks. In: Proceedings of the 2016 5th IEEE international conference on cloud networking, CloudNet 2016, pp 212–217. https://doi.org/10.1109/cloudnet.2016.9

  13. Li D, Hong X, Witt D (2013) ProtoGENI, a prototype GENI under security vulnerabilities : an experiment-based security study, pp 1–11

    Google Scholar 

  14. Porras P et al (2012) A security enforcement kernel for OpenFlow networks. In: Proceedings of the first Workshop on hot topics in software defined networking—HotSDN ’12, p 121. https://doi.org/10.1145/2342441.2342466

  15. Shin S et al (2014) Rosemary: a robust, secure, and high-performance network operating system. In: Proceedings of the 2014 ACM SIGSAC conference on computer and communications security—CCS ’14, pp 78–89. https://doi.org/10.1145/2660267.2660353

  16. Chandrasekaran B, Benson T (2014) Tolerating SDN application failures with LegoSDN. In: Proceedings of the third workshop on hot topics in software defined networking—HotSDN ’14, pp 235–236. https://doi.org/10.1145/2620728.2620781

  17. Matsumoto S, Hitz S, Perrig A (2014) Fleet: defending SDNs from malicious administrators. In: Proceedings of the second ACM SIGCOMM workshop on hot topics in software defined networking—HotSDN ’14, pp 103–108. https://doi.org/10.1145/2620728.2620750

  18. Systems BC (2009) Brocade sFlow for network traffic monitoring, p 12

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Electronics & Communication Engineering, Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology, Chennai, India

    A. VishnuPriya

Authors
  1. A. VishnuPriya
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to A. VishnuPriya .

Editor information

Editors and Affiliations

  1. BioAxis DNA Research Centre Pvt. Ltd., Hyderabad, Andhra Pradesh, India

    Amit Kumar

  2. Dynexsys, Sydney, NSW, Australia

    Stefan Mozar

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

VishnuPriya, A. (2019). Reinforcement Learning-Based DoS Mitigation in Software Defined Networks. In: Kumar, A., Mozar, S. (eds) ICCCE 2018. ICCCE 2018. Lecture Notes in Electrical Engineering, vol 500. Springer, Singapore. https://doi.org/10.1007/978-981-13-0212-1_41

Download citation

  • DOI: https://doi.org/10.1007/978-981-13-0212-1_41

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-13-0211-4

  • Online ISBN: 978-981-13-0212-1

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation