Detection of DDoS on SDN Data Plane Through Mirror Traffic

I. Made Adhiarta Wikantyasa*, Tohari Ahmad

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The rapid growth in network technology and data traffic has made traditional network architectures inadequate in meeting the needs of modern users, leading to the adoption of Software Defined Networking (SDN) as a solution. Despite its benefits, SDN's centralized control, complexity, lack of standardization, inadequate visibility, authentication, and authorization make it vulnerable to security threats such as Distributed Denial of Service (DDoS). In SDN networks, DDoS attacks can overwhelm networks with traffic, causing reduced performance or downtime in the data or controller planes. DDoS attacks within SDN networks can be categorized into three main types volumetric attacks, which inundate networks with substantial traffic, state exclusion attacks which take advantage of vulnerabilities in TCP packet processing and application layer attacks which specifically target services with malevolent activity. The objective of the proposed system is to provide an alternative solution on detecting UDP flood-based Distributed Denial of Service (DDoS) attacks in Software-Defined Networking (SDN) data planes. This will be achieved by incorporating mirror ports as inputs to a machine learning module. Additionally, the machine learning module will have the capability to identify attack patterns within mirrored traffic without causing disruptions to the main network traffic.

Original languageEnglish
Title of host publicationProceedings - 2023 IEEE International Conference on Cryptography, Informatics, and Cybersecurity
Subtitle of host publicationCryptography and Cybersecurity: Roles, Prospects, and Challenges, ICoCICs 2023
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages199-204
Number of pages6
ISBN (Electronic)9798350339437
DOIs
Publication statusPublished - 2023
Event1st IEEE International Conference on Cryptography, Informatics, and Cybersecurity, ICoCICs 2023 - Hybrid, Bogor, Indonesia
Duration: 22 Aug 202324 Aug 2023

Publication series

NameProceedings - 2023 IEEE International Conference on Cryptography, Informatics, and Cybersecurity: Cryptography and Cybersecurity: Roles, Prospects, and Challenges, ICoCICs 2023

Conference

Conference1st IEEE International Conference on Cryptography, Informatics, and Cybersecurity, ICoCICs 2023
Country/TerritoryIndonesia
CityHybrid, Bogor
Period22/08/2324/08/23

Keywords

  • DDoS
  • Mirrored Network
  • Network Security
  • Security
  • Software Defined Networking

Fingerprint

Dive into the research topics of 'Detection of DDoS on SDN Data Plane Through Mirror Traffic'. Together they form a unique fingerprint.

Cite this