Research Article

DoS Attack Detection and Defense on SDN Controller

Authors

  • Yalan Zhang School of Information Technology and Electrical Engineering, University of Queensland, St Lucia QLD 4067, Australia. https://orcid.org/0000-0001-8716-1306
  • Huiyun Ning Assistant Engineer, Department of Communication and Signal, China Railway Siyuan Survey And Design Group, Wuhan, China

Abstract

With the development of the Internet, the flexibility and manageability problems of traditional network architecture have become increasingly prominent. To solve this problem, Software Defined Network (SDN) was born in recent years. The core idea of SDN is to decouple the data forwarding layer and the control layer, which makes SDN centralized, expandable, and programmable. The core services, important configuration, and other functions of SDN are deployed on the SDN controller, which is conducive to the centralization of network management but also introduces threats to network security. If the SDN controller is attacked, it will affect the coverage of the controller. The entire network, in extreme cases, will be paralyzed. Based on the analysis of the characteristics of the SDN network architecture, OpenFlow protocol, and the principle of DoS attacks, this project proposed and implemented two DoS detection and mitigation methods. The first one uses the Ryu controller, sFlow, and Postman to visualize and drop DoS attack traffic. The second method is a DoS attack automatic detection algorithm with a POX controller.

Article information

Journal

Journal of Computer Science and Technology Studies

Volume (Issue)

4 (2)

Pages

07-10

Published

2022-07-06

How to Cite

Zhang, Y., & Ning, H. (2022). DoS Attack Detection and Defense on SDN Controller. Journal of Computer Science and Technology Studies, 4(2), 07–10. https://doi.org/10.32996/jhsss.2022.4.2.2

Downloads

Keywords:

Software Defined Network (SDN), SDN controller, OpenFlow, DoS attacks