Entropy-based DDoS Attack Detection in SDN using Dynamic Threshold

The centralized structure of software defined networks makes them vulnerable to distributed denial of service attacks. Given that these attacks can easily destroy the computational and communicational resources of controller and switches, they make the network fail in a short time. Hence, it is vita...

Full description

Saved in:
Bibliographic Details
Published in2021 7th International Conference on Signal Processing and Intelligent Systems (ICSPIS) pp. 1 - 5
Main Authors Hemmati, Zahra, Mirjalily, Ghasem, Mohtajollah, Zahra
Format Conference Proceeding
LanguageEnglish
Published IEEE 29.12.2021
Subjects
Controller
Deep learning
Denial-of-service attack
Distributed Denial of Service Attacks
Dynamic Threshold
Entropy
Feature extraction
Heuristic algorithms
Signal processing
Signal processing algorithms
Software Defined Networks
Online AccessGet full text
DOI10.1109/ICSPIS54653.2021.9729355

Cover

More Information
Summary:The centralized structure of software defined networks makes them vulnerable to distributed denial of service attacks. Given that these attacks can easily destroy the computational and communicational resources of controller and switches, they make the network fail in a short time. Hence, it is vital to protect the controller. Utilizing the unique features of software defined networks, this paper propounds an effective method to detect distributed denial of services attacks. For this purpose, entropy was used to detect attacks. Furthermore, this method utilizes a dynamic threshold instead of a static one to distinguish between normal and attack traffic. The dynamic threshold heightens the accuracy of attack detection in the proposed algorithm to 98% on average while the accuracy in the benchmark algorithm using entropy and the static threshold is 96%.
DOI:10.1109/ICSPIS54653.2021.9729355