A Bio-Inspired Framework to Mitigate DoS Attacks in Software Defined Networking

Software Defined Networking (SDN) is an emerging architecture providing services on a priority basis for real-time communication, by pulling out the intelligence from the hardware and developing a better management system for effective networking. Denial of service (DoS) attacks pose a significant threat to SDN, as it can disable the genuine hosts and routers by exhausting their resources. It is thus vital to provide efficient traffic management, both at the data layer and the control layer, thereby becoming more responsive to dynamic network threats such as DoS. Existing DoS prevention and mitigation models for SDN are computationally expensive and are slow to react. This paper introduces a novel biologically inspired architecture for SDN to detect DoS flooding attacks. The proposed biologically inspired architecture utilizes the concepts of the human immune system to provide a robust solution against DoS attacks in SDNs. The two layer immune inspired framework, viz innate layer and adaptive layer, is initiated at the data layer and the control layer of SDN, respectively. The proposed model is reactive and lightweight for DoS mitigation in SDNs.

[1]  Mabry Tyson,et al.  FRESCO: Modular Composable Security Services for Software-Defined Networks , 2013, NDSS.

[2]  Otto Carlos Muniz Bandeira Duarte,et al.  Flowfence: a denial of service defense system for software defined networking , 2015, 2015 Global Information Infrastructure and Networking Symposium (GIIS).

[3]  Vinod Yegneswaran,et al.  AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks , 2013, CCS.

[4]  Thierry Turletti,et al.  A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks , 2014, IEEE Communications Surveys & Tutorials.

[5]  Sankardas Roy,et al.  Mitigating congestion-based denial of service attacks with active queue management , 2013, 2013 IEEE Global Communications Conference (GLOBECOM).

[6]  Rodrigo Braga,et al.  Lightweight DDoS flooding attack detection using NOX/OpenFlow , 2010, IEEE Local Computer Network Conference.

[7]  Xin Liu,et al.  NetFence: preventing internet denial of service from inside out , 2010, SIGCOMM '10.

[8]  Lei Wei,et al.  FlowRanger: A request prioritizing algorithm for controller DoS attacks in Software Defined Networks , 2015, 2015 IEEE International Conference on Communications (ICC).

[9]  Heena Rathore,et al.  Bio-inspired machine learning based Wireless Sensor Network security , 2013, 2013 World Congress on Nature and Biologically Inspired Computing.

[10]  Heejo Lee,et al.  An incrementally deployable anti-spoofing mechanism for software-defined networks , 2015, Comput. Commun..

[11]  Anupam Gupta,et al.  Novel approach for security in Wireless Sensor Network using bio-inspirations , 2014, 2014 Sixth International Conference on Communication Systems and Networks (COMSNETS).

[12]  Heena Rathore Mapping Biological Systems to Network Systems , 2016 .

[13]  Juan Sebastian Silva Delgado,et al.  Automatic network reconfiguration because of security events , 2014, 2014 IEEE Colombian Conference on Communications and Computing (COLCOM).

[14]  Mohsen Guizani,et al.  Mathematical Evaluation of Human Immune Systems For Securing Software Defined Networks , 2018, 2018 6th International Conference on Wireless Networks and Mobile Communications (WINCOM).

[15]  Ian F. Akyildiz,et al.  A roadmap for traffic engineering in SDN-OpenFlow networks , 2014, Comput. Networks.

[16]  Venkataramana Badarla,et al.  Primary-secondary immune response adaptation for wireless sensor network , 2014, 2014 Eleventh Annual IEEE International Conference on Sensing, Communication, and Networking (SECON).