Detecting DDoS Attack using Software Defined Network (SDN) in Cloud Computing Environment

In the last one decade, cloud computing has evolved as a new and promising computational platform that provides cost effective and scalable computing facility. The merger of SDN technology with the cloud computing environment simplifies the cloud’s networking complexities and significantly improves the manageability, programmability, dynamism, and scalability of the cloud. In the SDN-based cloud, the essential features of SDN, including global view of the whole network, software based traffic analysis, centralized control over the network, etc. greatly improves the DDoS attack detection and mitigation capabilities of the cloud. In this paper, we first discuss about various essential features of SDN that makes it suitable networking technology for cloud computing. Moreover, we propose an approach to detect DDoS attacks in SDN-based cloud by utilizing the features of SDN. The proposed approach can detect the DDoS attacks with very low communicational and computational overhead. Our claims are well supported by the extensive simulation based experiments.

[1]  Marc St-Hilaire,et al.  Early Detection of DDoS Attacks Against Software Defined Network Controllers , 2018, Journal of Network and Systems Management.

[2]  Latifa Ben Arfa Rabai,et al.  A Security Framework for Secure Cloud Computing Environments , 2016, Int. J. Cloud Appl. Comput..

[3]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[4]  F. R. Yu,et al.  Effective software-defined networking controller scheduling method to mitigate DDoS attacks , 2017 .

[5]  Thamer Al-Rousan,et al.  Cloud Computing for Global Software Development: Opportunities and Challenges , 2015, Int. J. Cloud Appl. Comput..

[6]  Yao Zheng,et al.  DDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking , 2014, 2014 IEEE 22nd International Conference on Network Protocols.

[7]  Andrei V. Gurtov,et al.  Security in Software Defined Networks: A Survey , 2015, IEEE Communications Surveys & Tutorials.

[8]  Vanessa Ratten,et al.  Cloud Computing Technology Innovation Advances: A Set of Research Propositions , 2015, Int. J. Cloud Appl. Comput..

[9]  F. Richard Yu,et al.  Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges , 2016, IEEE Communications Surveys & Tutorials.

[10]  Charles F. Hockett,et al.  A mathematical theory of communication , 1948, MOCO.

[11]  Dijiang Huang,et al.  SnortFlow: A OpenFlow-Based Intrusion Prevention System in Cloud Environment , 2013, 2013 Second GENI Research and Educational Experiment Workshop.

[12]  Mona Nasr,et al.  Cloud Computing: The Future of Big Data Management , 2015, Int. J. Cloud Appl. Comput..

[13]  Brij B. Gupta,et al.  A Recent Survey on DDoS Attacks and Defense Mechanisms , 2011 .

[14]  B. B. Gupta,et al.  Defending against Distributed Denial of Service Attacks: Issues and Challenges , 2009, Inf. Secur. J. A Glob. Perspect..

[15]  Nick Feamster,et al.  The road to SDN: an intellectual history of programmable networks , 2014, CCRV.

[16]  Jian Zhu,et al.  SD-Anti-DDoS: Fast and efficient DDoS defense in software-defined networks , 2016, J. Netw. Comput. Appl..

[17]  A. Rényi On Measures of Entropy and Information , 1961 .

[18]  Rodrigo Braga,et al.  Lightweight DDoS flooding attack detection using NOX/OpenFlow , 2010, IEEE Local Computer Network Conference.

[19]  Wanlei Zhou,et al.  Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics , 2011, IEEE Transactions on Information Forensics and Security.

[20]  David Hausheer,et al.  Software-Defined Networking: Standardization for Cloud Computing's Second Wave , 2014, Computer.

[21]  Gregory Blanc,et al.  ArOMA: An SDN based autonomic DDoS mitigation framework , 2017, Comput. Secur..