SECOD: SDN sEcure COntrol and Data Plane Algorithm for Detecting and Defending DoS Attacks

Wang, S, Chandrasekharan, S, Gomez Chavez, K, Sithamparanathan, K, Hourani, A, Asghar, M, Russello, G and Zanna, P 2018, 'SECOD: SDN sEcure COntrol and Data Plane Algorithm for Detecting and Defending DoS Attacks', in Proceedings of the 2018 IEEE/IFIP Network Operations and Management Symposium (NOMS 2018), Taipei, Taiwan, 23-27 April 2018, pp. 448-452.


Document type: Conference Paper
Collection: Conference Papers

Title SECOD: SDN sEcure COntrol and Data Plane Algorithm for Detecting and Defending DoS Attacks
Author(s) Wang, S
Chandrasekharan, S
Gomez Chavez, K
Sithamparanathan, K
Hourani, A
Asghar, M
Russello, G
Zanna, P
Year 2018
Conference name NOMS 2018: Cognitive Management in a Cyber World
Conference location Taipei, Taiwan
Conference dates 23-27 April 2018
Proceedings title Proceedings of the 2018 IEEE/IFIP Network Operations and Management Symposium (NOMS 2018)
Publisher IEEE
Place of publication United States
Start page 448
End page 452
Total pages 5
Abstract Although the popularity of Software-Defined Networking (SDN) is increasing, it is also vulnerable to security attacks such as Denial of Service (DoS) attacks. Since in SDN, the control plane is isolated from the data plane, DoS attackers can easily target the control plane to impair the network infrastructure in addition to the data plane to degrade the user's Quality of Service (QoS). In our previous work, we introduced SECO, an SDN Secure Controller algorithm to detect and defend SDN against DoS attacks. Simulation results showed that SECO successfully defends SDN networks from DoS attacks. In this paper, we present SDN sEcure COntrol and Data Plane (SECOD), which is an improved version of SECO. Basically, SECOD introduces new triggers to detect and prevent DoS attacks in both control and data planes. Moreover, SECOD is implemented and tested using SDN-based hardware testbed, OpenFlow-based switch, and RYU controller to capture the dynamics of realistic hardware and software. The results show that SECOD successfully detects and effectively mitigates DoS attacks on SDN networks keeping data plane performance at 99.72% compared to a network not under attack.
Subjects Networking and Communications
Electrical and Electronic Engineering not elsewhere classified
Keyword(s) SDN
OpenFlow
Security
DoS Attack
DOI - identifier 10.1109/NOMS.2018.8406196
Copyright notice Copyright © 2018 by the Institute of Electrical and Electronics Engineers, Inc.
ISBN 9781538634172
Versions
Version Filter Type
Citation counts: Scopus Citation Count Cited 0 times in Scopus Article
Altmetric details:
Access Statistics: 26 Abstract Views  -  Detailed Statistics
Created: Tue, 23 Oct 2018, 16:00:00 EST by Catalyst Administrator
© 2014 RMIT Research Repository • Powered by Fez SoftwareContact us