Identifying DoS attacks on software defined networks: A relation context approach

The recent emergence of Software Defined Networking (SDN) has prompted both supporters and opponents to explore this network architecture further. One of the main attributes that characterize SDN is the significant role of software in managing and controlling the architecture. There are four major concerns about such a software-dominant role: security, performance, reliability, and fault tolerance. Among them, security is considered a major concern. SDN security concerns include attacks on the control plane layer, such as DoS attacks. This paper presents an inference-relation context-based technique for the detection of DoS attacks on SDNs. The proposed technique utilizes contextual similarity with existing attack patterns to identify DoS in an OpenFlow infrastructure. A validation of the proposed technique has been performed using several benchmark datasets, yielding promising results.
