On an Integrated Security Framework for Defense Against Various DDoS Attacks in SDN

Document Type

Conference Proceeding

Publication Date

1-1-2023

Abstract

As a new network paradigm, software-defined networking (SDN) technology has been increasingly adopted. Unfortunately, SDN-enabled networks are more prone to threats from DDoS attacks than traditional networks due to the nature of centralized management. We propose an integrated defense framework to detect and mitigate various types of DDoS attacks in SDN-enabled networks. The proposed framework deploys two technical modules in the control plane of SDN for defending against high-rate and low-rate DDoS attacks, respectively. The former module consists of three components, which watch out for suspicious traffic, detect attacks using ensemble learning, and intercept malicious packets, respectively. The latter module is designed specifically to defend against the Slow Ternary Content Addressable Memory (TCAM) exhaustion attack (Slow-TCAM) using a new Alleviative Threat for TCAM (ATFT) algorithm. The proposed framework is implemented and tested in simulated networks using Mininet and further evaluated on the CICDDoS2019 dataset. Experimental results illustrate the superior performance of the proposed framework in defending against different types of DDoS attacks in comparison with other state-of-the-art algorithms.

Identifier

85151997187 (Scopus)

ISBN

[9781665457194]

Publication Title

2023 International Conference on Computing Networking and Communications Icnc 2023

External Full Text Location

https://doi.org/10.1109/ICNC57223.2023.10074226

First Page

311

Last Page

317

This document is currently not available here.

Share

COinS