Improving Distributed Denial of Service (DDOS) Detection using Entropy Method in Software Defined Network (SDN)
DOI:
https://doi.org/10.21512/comtech.v8i4.3902
Keywords:
Software Defined Network (SDN), Distributed Denial of Service (DDoS), detection, entropy
Abstract
This research proposed a new method to enhance Distributed Denial of Service (DDoS) attack detection in a Software Defined Network (SDN) environment. It used the SDN OpenFlow controller to detect DDoS attacks with a modified method based on the entropy value. The new method checks whether traffic is normal or a DDoS attack by measuring the randomness of the packets. It consists of two steps: detecting the attack and checking the entropy. The results show that the new method reduces false positives when there is a temporary, sudden increase in normal traffic; it does not detect such an increase as a DDoS attack. Compared to previous methods, the proposed method can enhance DDoS attack detection in an SDN environment.
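A sketch of entropy-based detection as the abstract outlines it, added here as an example and not taken from the paper: each window of packets is scored by the normalized Shannon entropy of its destination addresses, and an attack is confirmed only when low entropy persists. The window size, threshold, confirmation count, the choice of destination IP as the feature, and the reading of the two steps as "flag, then confirm" are all assumptions; the sample traffic is constructed.

```python
import math
from collections import Counter
from itertools import cycle, islice

WINDOW = 50      # packets per window (assumed value)
THRESHOLD = 0.4  # normalized entropy below this is suspicious (assumed value)
CONFIRM = 3      # consecutive suspicious windows needed to alert (assumed value)

def normalized_entropy(dst_ips):
    """Shannon entropy of destination IPs, scaled to [0, 1] by log2(window length)."""
    n = len(dst_ips)
    if n < 2:
        return 0.0
    counts = Counter(dst_ips)
    h = -sum((c / n) * math.log2(c / n) for c in counts.values())
    return h / math.log2(n)

def detect(dst_ips):
    """Return the index of the window that confirms an attack, or None."""
    low_run = 0
    for start in range(0, len(dst_ips) - WINDOW + 1, WINDOW):
        window = dst_ips[start:start + WINDOW]
        if normalized_entropy(window) < THRESHOLD:
            low_run += 1                 # traffic concentrated on few hosts
            if low_run >= CONFIRM:       # low entropy persisted: alert
                return start // WINDOW
        else:
            low_run = 0                  # traffic spread out again: reset
    return None

# Constructed sample traffic (destination IP per packet-in event).
HOSTS = [f"10.0.0.{i}" for i in range(1, 11)]
NORMAL = list(islice(cycle(HOSTS), WINDOW))   # evenly spread over 10 hosts
BURST = ["10.0.0.5"] * 40 + HOSTS             # 41 of 50 packets hit one host
FLASH_CROWD = NORMAL * 2 + BURST + NORMAL * 2 # one short spike, then recovery
ATTACK = NORMAL * 2 + BURST * 4               # sustained concentration

if __name__ == "__main__":
    print("normal window entropy:", round(normalized_entropy(NORMAL), 3))
    print("burst window entropy: ", round(normalized_entropy(BURST), 3))
    print("flash crowd alert at: ", detect(FLASH_CROWD))
    print("attack alert at:      ", detect(ATTACK))
```

The single low-entropy window in `FLASH_CROWD` resets before reaching `CONFIRM`, which is the false-positive case the abstract refers to; in practice the threshold would be calibrated against baseline traffic.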
License
Authors who publish with this journal agree to the following terms:
a. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License - Share Alike that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
b. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
c. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
USER RIGHTS
All articles published Open Access will be immediately and permanently free for everyone to read and download. We are continuously working with our author communities to select the best choice of license options, currently being defined for this journal as follows: