Early Detection of DDoS Attacks in Software Defined Networks Controller
Public Deposited- Resource Type
- Creator
- Abstract
Software Defined Networks (SDN) is a new network architecture that provides central control over the network. This control works as if it is an operating system that can send instructions and apply changes through its interface. This operating system is called the controller. Although central control is the major advantage of SDN, it is also a single point of failure if it is made unreachable by a Distributed Denial of Service Attack (DDoS). Two main objectives of this study are utilizing the central control of SDN for attack detection and, proposing a solution that is effective and lightweight in terms of the resources that it uses. This research shows how DDoS attacks can exhaust controller resources and provides a solution to detect such attacks based on entropy variation of destination IP address. This method is able to detect DDoS within the first five hundred packets of the attack traffic.
- Subject
- Language
- Publisher
- Thesis Degree Level
- Thesis Degree Name
- Thesis Degree Discipline
- Identifier
- Rights Notes
Copyright © 2014 the author(s). Theses may be used for non-commercial research, educational, or related academic purposes only. Such uses include personal study, research, scholarship, and teaching. Theses may only be shared by linking to Carleton University Institutional Repository and no part may be used without proper attribution to the author. No part may be used for commercial purposes directly or indirectly via a for-profit platform; no adaptation or derivative works are permitted without consent from the copyright owner.
- Date Created
- 2014
Relations
- In Collection:
Items
Thumbnail | Title | Date Uploaded | Visibility | Actions |
---|---|---|---|---|
mousavi-earlydetectionofddosattacksinsoftwaredefined.pdf | 2023-05-04 | Public | Download |