Renyi Joint Entropy-Based Dynamic Threshold Approach to Detect DDoS Attacks against SDN Controller with Various Traffic Rates

Mohammad Adnan Aladaileh, Mohammed Anbar, Ahmed J. Hintaw, Iznan H. Hasbullah, Abdullah Ahmed Bahashwan, Shadi Al-Sarawi

doi:10.3390/app12126127

<jats:p>The increasing incidence of distributed denial-of-service (DDoS) attacks has made software-defined networking (SDN) more vulnerable to the depletion of controller resources. DDoS attacks prevent the SDN controller from processing all incoming data efficiently, potentially disrupting a network or denying legitimate users access to network services. Thus, the protection of the SDN controller is crucial, especially from the ones that exploit the SDN characteristics. In this paper, the authors propose an efficient detection approach for low- and high-rate DDoS attacks on the controller with a high detection rate and a low false positive rate by adapting a dynamic threshold algorithm rather than a static one and proposing a new rule-based detection mechanism. In addition, the proposed approach was evaluated using eight simulation scenarios representing all potential attacks against the SDN controller in terms of attack traffic rates (low or high), sources (either single or multiple hosts), and targets (single or multiple victims). The experiment results show that the proposed approach is more effective than the existing approaches based on attack detection and false positive rates.</jats:p>

Renyi Joint Entropy-Based Dynamic Threshold Approach to Detect DDoS Attacks against SDN Controller with Various Traffic Rates

説明

収録刊行物

被引用文献 (1)*注記

詳細情報詳細情報について

書き出し

問題の指摘

Renyi Joint Entropy-Based Dynamic Threshold Approach to Detect DDoS Attacks against SDN Controller with Various Traffic Rates

説明

収録刊行物

被引用文献 (1)*注記

詳細情報 詳細情報について

書き出し

問題の指摘

詳細情報詳細情報について