A Novel Distributed Denial-Of-Service Attack Detection Scheme for Software Defined Networking Environments


Software-Defined networking (SDN), as a new paradigm, fixes the shortage that traditional network does not support the dynamic, scalable computing and storage needs of more computing environments. SDN, however, also faces security problems such as vulnerable to DDoS attacks. DDoS attacks are well-known and powerful attacks. DDoS detection and DDoS traffic separation for SDN environments are still an open research issue. DDoS attacks in SDN environments will not only bring damage to target server, but also takes exact impact on SDN system. In this paper, we identify a new type DDoS attack, specifically aiming SDN environment, which is harder to be detected. We propose a novel real-time DDoS detection scheme for SDN environment, by using Principal Component Analysis (PCA) scheme to analyze the network status on traffic packets data. We separate the network into different parts, to reduce the total calculation burden. We compare our scheme with sample entropy, showed our scheme achieves better detecting ability for DDoS attacks.

Meeting Name

2018 IEEE International Conference on Communications, ICC 2018 (2018: May 20-24, Kansas City, MO)


Computer Science

Research Center/Lab(s)

Intelligent Systems Center

Second Research Center/Lab

Center for High Performance Computing Research

Keywords and Phrases

Digital storage; Network security; Principal component analysis; Computing environments; Detecting ability; Distributed denial of service attack; Research issues; Scalable computing; Security problems; Software defined networking (SDN); Traffic separation; Denial-of-service attack

International Standard Book Number (ISBN)


International Standard Serial Number (ISSN)


Document Type

Article - Conference proceedings

Document Version


File Type





© 2018 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.

Publication Date

01 May 2018