Detection of DDoS Attacks in Software Defined Networking Using Entropy

Fan, Cong; Kaliyamurthy, Nitheesh Murugan; Chen, Shi; Jiang, He; Zhou, Yiwen; Campbell, Carlene

doi:10.3390/app12010370

Cited by 29 publications

(8 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Meanwhile, the proposed approach's performance was compared with two existing approaches dependent on the entropy algorithm [28], the fusion entropy algorithm [32], and information theory [34]. Since the entropy technique is the basis for all entropy-based methods, those approaches share the same common limitations.…”

Section: Resultsmentioning

confidence: 99%

“…The rest of this section first discusses the performance of the approaches [28,32,34] in detecting low and high DDoS attack traffic rates, regardless of whether the target is a single or multiple victims, then compares the results with the proposed approach. Table 5 compares the DR and FPR for all eight attack scenarios.…”

Section: Resultsmentioning

confidence: 99%

“…The experiments were performed on the proposed approach and the existing approaches [28,32] to prove the proposed approach could accurately detect low-and high-rate DDoS attacks on SDN controllers by single or multiple attackers regardless of whether the target is a single victim or multiple victims with high DR, without adding significant overhead to the SDN controller.…”

Section: Resultsmentioning

confidence: 99%

“…Fan et al [32] proposed a fusion entropy method for computing network traffic randomness to detect DDoS attacks in the SDN network environment. A dataset was used to evaluate and test the proposed approach.…”

Section: Related Workmentioning

confidence: 99%

See 3 more Smart Citations

Renyi Joint Entropy-Based Dynamic Threshold Approach to Detect DDoS Attacks against SDN Controller with Various Traffic Rates

et al. 2022

View full text Add to dashboard Cite

The increasing incidence of distributed denial-of-service (DDoS) attacks has made software-defined networking (SDN) more vulnerable to the depletion of controller resources. DDoS attacks prevent the SDN controller from processing all incoming data efficiently, potentially disrupting a network or denying legitimate users access to network services. Thus, the protection of the SDN controller is crucial, especially from the ones that exploit the SDN characteristics. In this paper, the authors propose an efficient detection approach for low- and high-rate DDoS attacks on the controller with a high detection rate and a low false positive rate by adapting a dynamic threshold algorithm rather than a static one and proposing a new rule-based detection mechanism. In addition, the proposed approach was evaluated using eight simulation scenarios representing all potential attacks against the SDN controller in terms of attack traffic rates (low or high), sources (either single or multiple hosts), and targets (single or multiple victims). The experiment results show that the proposed approach is more effective than the existing approaches based on attack detection and false positive rates.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Resultsmentioning

confidence: 99%

Section: Resultsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Renyi Joint Entropy-Based Dynamic Threshold Approach to Detect DDoS Attacks against SDN Controller with Various Traffic Rates

et al. 2022

View full text Add to dashboard Cite

show abstract

“…The DDoS attributes attack inside an SDN environment is placidly various from that at conventional networks. According to [2], the differences between DDoS attacks in classic networks and SDNs represents as follows; in classic networks, the DDoS attackers focus on destination servers, while in SDN, the DDoS attackers aim for the controller. The principal objective is to ensure the controller resources are not available by failing an SDN single point.…”

Section: Introductionmentioning

confidence: 99%

Techniques for DDoS Attack in SDN: A Comparative Study

Yaser

Mousa²,

Hussien³

2022

IJCI. International Journal of Computers and Information

View full text Add to dashboard Cite

Software-Defined Networking (commonly referred to as SDN) is a newer paradigm that develops the concept of a software-driven network by separating data and control planes. It can handle the traditional network problems. However, this excellent architecture is subjected to various security threats. One of these issues is the distributed denial of service (DDoS) attack, which is difficult to contain in this kind of software-based network. Several security solutions have been proposed recently to secure SDN against DDoS attacks. This paper aims to analyze and discuss machine learning-based systems for SDN security networks from DDoS attack. The results have indicated that the algorithms for machine learning can be used to detect DDoS attacks in SDN efficiently. From machine learning approaches, it can be explored that the best way to detect DDoS attack is based on utilizing deep learning procedures.Moreover, analyze the methods that combine it with other machine learning techniques. The most benefits that can be achieved from using the deep learning methods are the ability to do both feature extraction along with data classification; the ability to extract the specific information from partial data. Nevertheless, it is appropriate to recognize the low-rate attack, and it can get more computation resources than other machine learning where it can use graphics processing unit (GPU) rather than central processing unit (CPU) for carrying out the matrix operations, making the processes computationally effective and fast.

show abstract

Machine Learning-Based DDoS Attack Detection in Software-Defined Networking

Kareem

Jasim

2023

Communications in Computer and Information Science

View full text Add to dashboard Cite

Detection of DDoS Attacks in Software Defined Networking Using Entropy

Cited by 29 publications

References 34 publications

Renyi Joint Entropy-Based Dynamic Threshold Approach to Detect DDoS Attacks against SDN Controller with Various Traffic Rates

Renyi Joint Entropy-Based Dynamic Threshold Approach to Detect DDoS Attacks against SDN Controller with Various Traffic Rates

Techniques for DDoS Attack in SDN: A Comparative Study

Machine Learning-Based DDoS Attack Detection in Software-Defined Networking

Contact Info

Product

Resources

About