DDoS detection and defense mechanism based on cognitive-inspired computing in SDN

Abstract: Software-defined networking (SDN) provides a promising architecture for future networks, with advantages such as centralized control, programmability, and a global view of the network. However, it faces numerous security challenges, and distributed denial of service (DDoS) is one such threat to SDN. Most existing schemes only detect DDoS attacks and do not address how to defend and recover once an attack has been detected. In this paper, a DDoS attack detection and defense mechanism based on cognitive-inspired computing with dual address entropy is proposed. The flow table characteristics of the switch are extracted, and a DDoS attack model is built by incorporating the support vector machine classification algorithm. This mechanism can realize real-time detection and defense at the preliminary stage of a DDoS attack and can restore normal communication in time. The experiment shows that our mechanism not only detects attacks quickly but also has a high detection rate and a low false positive rate. More importantly, it can take appropriate defense and recovery measures in time after the attack has been identified.
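The sketch below is an added illustration, not code from the paper: it assumes "dual address entropy" means the Shannon entropy of source and of destination addresses computed over each flow-table poll, and it uses a fixed margin against a learned baseline in place of the SVM classifier the abstract mentions. All function names, addresses and the margin value are constructed for the example.

```python
import math
from collections import Counter

def norm_entropy(addresses):
    """Shannon entropy of the address distribution, scaled to [0, 1] by log2(window size)."""
    n = len(addresses)
    if n < 2:
        return 0.0
    h = -sum((c / n) * math.log2(c / n) for c in Counter(addresses).values())
    return h / math.log2(n)

def dual_entropy(flows):
    """flows: (src_ip, dst_ip) pairs read from one poll of a switch flow table."""
    return (norm_entropy([s for s, _ in flows]),
            norm_entropy([d for _, d in flows]))

def baseline(windows):
    """Mean (source, destination) entropy over windows known to be attack-free."""
    feats = [dual_entropy(w) for w in windows]
    return (sum(f[0] for f in feats) / len(feats),
            sum(f[1] for f in feats) / len(feats))

def is_suspicious(flows, base, margin=0.15):
    """Flag only when source entropy rises AND destination entropy falls.

    Requiring both is what keeps a popular server, hit by a few real
    clients, from being reported: there only destination entropy drops.
    """
    h_src, h_dst = dual_entropy(flows)
    return (h_src - base[0] > margin) and (base[1] - h_dst > margin)

# Constructed sample windows (40 flow entries each); no real traffic involved.
def normal_window(w, size=40):
    return [(f"10.0.0.{(3 * i + w) % 20}", f"10.0.1.{(7 * i + w) % 10}")
            for i in range(size)]

NORMAL = [normal_window(w) for w in range(3)]
FLOOD = [(f"198.51.100.{i}", "10.0.1.5") for i in range(40)]        # many sources, one target
BUSY_SERVER = [(f"10.0.0.{i % 4}", "10.0.1.5") for i in range(40)]  # few sources, one target
BASE = baseline(NORMAL)

if __name__ == "__main__":
    for name, win in [("normal", NORMAL[0]), ("flood", FLOOD), ("busy server", BUSY_SERVER)]:
        h_src, h_dst = dual_entropy(win)
        print(f"{name:12s} H_src={h_src:.3f} H_dst={h_dst:.3f} suspicious={is_suspicious(win, BASE)}")
```

In a classifier-based design the two entropy values would be features alongside other flow-table statistics rather than being compared to a fixed margin.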
