Early Detection of DDoS Attacks in Software Defined Networks Controller

It appears your Web browser is not configured to display PDF files. Download adobe Acrobat or click here to download the PDF file.

Click here to download the PDF file.


Mousavi, Seyed Mohammad




Software Defined Networks (SDN) is a new network architecture that provides central
control over the network. This control works as if it is an operating system that can
send instructions and apply changes through its interface. This operating system is
called the controller. Although central control is the major advantage of SDN, it is
also a single point of failure if it is made unreachable by a Distributed Denial of
Service Attack (DDoS).
Two main objectives of this study are utilizing the central control of SDN for attack
detection and, proposing a solution that is effective and
lightweight in terms of the
resources that it uses.
This research shows how DDoS attacks can exhaust controller resources and provides
a solution to detect such attacks based on entropy variation of destination IP address.
This method is able to detect DDoS within the first five hundred packets of the attack


System Science
Engineering - Electronics and Electrical




Carleton University

Thesis Degree Name: 

Master of Applied Science: 

Thesis Degree Level: 


Thesis Degree Discipline: 

Engineering, Electrical and Computer

Parent Collection: 

Theses and Dissertations

Items in CURVE are protected by copyright, with all rights reserved, unless otherwise indicated. They are made available with permission from the author(s).