A Novel Distributed Denial-Of-Service Attack Detection Scheme for Software Defined Networking Environments

Author

Di Wu
Jie Li
Sajal K. Das, Missouri University of Science and TechnologyFollow
Jinsong Wu
Yusheng Ji
Zhetao Li

Abstract

Software-Defined networking (SDN), as a new paradigm, fixes the shortage that traditional network does not support the dynamic, scalable computing and storage needs of more computing environments. SDN, however, also faces security problems such as vulnerable to DDoS attacks. DDoS attacks are well-known and powerful attacks. DDoS detection and DDoS traffic separation for SDN environments are still an open research issue. DDoS attacks in SDN environments will not only bring damage to target server, but also takes exact impact on SDN system. In this paper, we identify a new type DDoS attack, specifically aiming SDN environment, which is harder to be detected. We propose a novel real-time DDoS detection scheme for SDN environment, by using Principal Component Analysis (PCA) scheme to analyze the network status on traffic packets data. We separate the network into different parts, to reduce the total calculation burden. We compare our scheme with sample entropy, showed our scheme achieves better detecting ability for DDoS attacks.

Recommended Citation

D. Wu et al., "A Novel Distributed Denial-Of-Service Attack Detection Scheme for Software Defined Networking Environments," Proceedings of the 2018 IEEE International Conference on Communications (2018, Kansas City, MO), Institute of Electrical and Electronics Engineers (IEEE), May 2018.

The definitive version is available at https://doi.org/10.1109/ICC.2018.8422448

Meeting Name

2018 IEEE International Conference on Communications, ICC 2018 (2018: May 20-24, Kansas City, MO)

Department(s)

Computer Science

Research Center/Lab(s)

Intelligent Systems Center

Second Research Center/Lab

Center for High Performance Computing Research

Keywords and Phrases

Digital storage; Network security; Principal component analysis; Computing environments; Detecting ability; Distributed denial of service attack; Research issues; Scalable computing; Security problems; Software defined networking (SDN); Traffic separation; Denial-of-service attack

International Standard Book Number (ISBN)

978-1-5386-3180-5

International Standard Serial Number (ISSN)

1550-3607

Document Type

Article - Conference proceedings

Document Version

Citation

File Type

text

Language(s)

English

Rights

© 2018 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.

Publication Date

01 May 2018