Title

A Novel Distributed Denial-Of-Service Attack Detection Scheme for Software Defined Networking Environments

Abstract

Software-Defined networking (SDN), as a new paradigm, fixes the shortage that traditional network does not support the dynamic, scalable computing and storage needs of more computing environments. SDN, however, also faces security problems such as vulnerable to DDoS attacks. DDoS attacks are well-known and powerful attacks. DDoS detection and DDoS traffic separation for SDN environments are still an open research issue. DDoS attacks in SDN environments will not only bring damage to target server, but also takes exact impact on SDN system. In this paper, we identify a new type DDoS attack, specifically aiming SDN environment, which is harder to be detected. We propose a novel real-time DDoS detection scheme for SDN environment, by using Principal Component Analysis (PCA) scheme to analyze the network status on traffic packets data. We separate the network into different parts, to reduce the total calculation burden. We compare our scheme with sample entropy, showed our scheme achieves better detecting ability for DDoS attacks.

Meeting Name

2018 IEEE International Conference on Communications, ICC 2018 (2018: May 20-24, Kansas City, MO)

Department(s)

Computer Science

Keywords and Phrases

Digital storage; Network security; Principal component analysis; Computing environments; Detecting ability; Distributed denial of service attack; Research issues; Scalable computing; Security problems; Software defined networking (SDN); Traffic separation; Denial-of-service attack

International Standard Book Number (ISBN)

978-1-5386-3180-5

International Standard Serial Number (ISSN)

1550-3607

Document Type

Article - Conference proceedings

Document Version

Citation

File Type

text

Language(s)

English

Rights

© 2018 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.

Share

 
COinS