{"title":"ODL-ANTIFLOOD: A Comprehensive Solution For Securing OpenDayLight Controller","authors":"N. Tran, T. Le, M. Tran","doi":"10.1109/ACOMP.2018.00011","DOIUrl":null,"url":null,"abstract":"Software-Defined Networking (SDN) has emerged as a novel network architecture for facilitating and simplifying network control and management. The main fundamental of SDN is the separation of the control and data planes that allows to rapidly, simply manage and configure network operations. However, because of the logically centralized control plane, SDN brings many security challenges, especially to be the victim of Controller-aimed Distributed Denial of Service (DDoS) attacks. In this paper, we proposed a solution to detect and mitigate this dangerous threat to protect SDN controllers. Our proposal consists of two components including a network application for supporting in decision making and a network function for enforcing the detection and mitigation tasks. We also contribute a multi-layer attack detection mechanism and a three-phase mitigation approach to treat with the attacks. Our methodology is implemented on OpenDayLight controller and evaluated using a high-speed test-bed network. The results show that our solution is able to detect attacks after 40 milliseconds on average, and the accuracy of detection process is around 95%. Moreover, it also can effectively, efficiently mitigate attacks to reduce CPU Utilization from high (approx. 90%) to remain average (approx. 20%).","PeriodicalId":254411,"journal":{"name":"2018 International Conference on Advanced Computing and Applications (ACOMP)","volume":"108 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 International Conference on Advanced Computing and Applications (ACOMP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ACOMP.2018.00011","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Software-Defined Networking (SDN) has emerged as a novel network architecture for facilitating and simplifying network control and management. The main fundamental of SDN is the separation of the control and data planes that allows to rapidly, simply manage and configure network operations. However, because of the logically centralized control plane, SDN brings many security challenges, especially to be the victim of Controller-aimed Distributed Denial of Service (DDoS) attacks. In this paper, we proposed a solution to detect and mitigate this dangerous threat to protect SDN controllers. Our proposal consists of two components including a network application for supporting in decision making and a network function for enforcing the detection and mitigation tasks. We also contribute a multi-layer attack detection mechanism and a three-phase mitigation approach to treat with the attacks. Our methodology is implemented on OpenDayLight controller and evaluated using a high-speed test-bed network. The results show that our solution is able to detect attacks after 40 milliseconds on average, and the accuracy of detection process is around 95%. Moreover, it also can effectively, efficiently mitigate attacks to reduce CPU Utilization from high (approx. 90%) to remain average (approx. 20%).
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
