Enhancing SDN resilience against DDoS attacks through dynamic virtual controller deployment and attack level detection algorithm

Abstract

The rapid evolution of network traffic created various problems in detecting Distributed Denial of Service (DDOS) attacks. The manifestation of Software Defined Networking (SDN) provides some individuality in that the SDN Controller uses a technique to examine the acquired data from the Flow Table (FT). As traffic increases, the controller's processing capability decreases, resulting in insufficient space availability for the FT and flow buffer. Understanding the struggles that exist in the controller and FT, this study provided a distinctive procedure that will increase performance, reduce controller load, manage FT space, and flow buffers that are activated by the Virtual Controller (VC). It dynamically completes the bundle of packets received at the router/switch, analyze the FT using the Attack Level Detection (ALD) method, assesses the bandwidth utilization of a particular user, and maps to the ingress port. The ALD algorithm detects mismatched packets and congested packets originating from faked IP and network addresses. This effort is related with the regular scenario and the attack level scenario, which use a mininet simulator with two controllers, the POX controller and the Open Daylight controller, to simulate major performance variations. This study efficiently lowers the overload of the VC and FT, hence preventing the DDoS assault employing VC.