Improving Distributed Denial of Service (DDOS) Detection using Entropy Method in Software Defined Network (SDN)


  • Maman Abdurohman Telkom University
  • Dani Prasetiawan Telkom University
  • Fazmah Arif Yulianto



Software Defined Network (SDN), Distributed Denial of Service (DDoS), detection, entropy


This research proposed a new method to enhance Distributed Denial of Service (DDoS) detection attack on Software Defined Network (SDN) environment. This research utilized the OpenFlow controller of SDN for DDoS attack detection using modified method and regarding entropy value. The new method would check whether the traffic was a normal traffic or DDoS attack by measuring the randomness of the packets. This method consisted of two steps, detecting attack and checking the entropy. The result shows that the new method can reduce false positive when there is a temporary and sudden increase in normal traffic. The new method succeeds in not detecting this as a DDoS attack. Compared to previous methods, this proposed method can enhance DDoS attack detection on SDN environment.


Plum Analytics

Author Biographies

Maman Abdurohman, Telkom University

School of Computing Telkom University


Dani Prasetiawan, Telkom University

School of Computing

Telkom University

Fazmah Arif Yulianto

School of Computing

Telkom University


Azodolmolky, S. (2013). Software defined networking with OpenFlow. Birmingham, UK: Packt Publishing.

Braga, R., Mota, E., & Passito, A. (2010). Lightweight DDoS flooding attack detection using NOX/OpenFlow. In Local Computer Networks (LCN), 2010 IEEE 35th Conference. Denver, USA.

Braun, W. & Menth, M. (2014). Software-defined networking using OpenFlow: Protocols, applications and architectural design choices. Future Internet, 6(2), 302-336.

Carl, G., Kesidis, G., Brooks, R. R., & Rai, S. (2006). Denial-of-service attack-detection techniques. IEEE Internet Computing, 10(1), 82-89.

Dillon, C., & Berkelaar, M. (2014). OpenFlow (D)DoS mitigation. Retrieved from

Feinstein, L., Schnackenberg, D., Balupari, R., & Kindred, D. (2003). Statistical approaches to DDoS attack detection and response. In DARPA Information Survivability Conference and Exposition, 2003.

Proceedings (Vol. 1, pp. 303-314). IEEE.

Kandoi, R., & Antikainen, M. (2015). Denial-of-service attacks in OpenFlow SDN networks. In 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM) (pp. 1322-1326). IEEE.

Kumar, T. (2013). An improved packet size entropy based DoS attack detection scheme (Doctoral Dissertation). Rourkela, India: National Institute of Technology Rourkela.

Mousavi, S. M. (2014). Early detection of DDoS attacks in software defined networks controller (Master Thesis). Ottawa, Ontario: Carleton University.

Oktian, Y. E., Lee, S., & Lee, H. (2014). Mitigating Denial of Service (DOS) attacks in openflow networks. In 2014 International Conference on Information and Communication Technology Convergence (ICTC), (pp. 325-330). IEEE.

Siregar, J. J. (2013). Analisis explotasi keamanan web denial of service attack. ComTech: Computer, Mathematics and Engineering Applications, 4(2), 1199-1205.

Tiwari, V., Parekh, R., & Patel, V. (2014). A survey on vulnerabilities of Openflow network and its impact on SDN/Openflow controller. World Academics Journal of Engineering Sciences, 1, 1-5.

Xing, T., Huang, D., Xu, L., Chung, C. J., & Khatkar, P. (2013). Snortflow: A openflow-based intrusion prevention system in cloud environment. In Research and Educational Experiment Workshop (GREE), 2013 Second GENI (pp. 89-92). IEEE.

Wen, X., Chen, Y., Hu, C., Shi, C., & Wang, Y. (2013). Towards a secure controller platform for openflow applications. In Proceedings of the second ACM SIGCOMM Workshop on Hot Topics in software

Defined Networking (pp. 171-172). ACM.

Yan, Q., & Yu, F. R. (2015). Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Communications Magazine, 53(4), 52-59.






Abstract 817  .
PDF downloaded 563  .