Detecting Denial-of-Service Attacks Using sFlow

This paper addresses how to detect denial-of-service attacks using sFlow. Denial-of-service (DoS) attacks are a critical security challenge in software-defined networks (SDNs). In a DoS attack, network bandwidth is consumed and the server's services are disrupted by an abrupt increase in traffic, making the server unavailable to other users. The most challenging problem with DoS attacks is detecting them almost instantly and precisely. This paper presents the detection of DoS attacks using the sFlow analyzer, an SDN flow monitoring tool. In the event of an attack, sFlow collects sample packets from network traffic, analyzes suspicious behavior and creates handling rules, which are then sent to the controller. The DoS attack is implemented by emulating a typical network in Mininet and integrating it with the sFlow analyzer. In the simulated results, the potential DoS victims and attackers are quickly found.
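The sample-analyze-rule pipeline described in the abstract can be sketched as follows; this is an added example, not code from the paper. The record layout, addresses, thresholds and the rule dictionary format are all assumptions made for illustration, and a real deployment would read samples from an sFlow collector and install rules through its controller's own API.

```python
from collections import defaultdict

def make_samples():
    """Constructed records, one per sampled packet: (time_s, src, dst, sampling_rate)."""
    samples = [(float(t), "10.0.0.1", "10.0.0.3", 100) for t in range(10)]  # background
    # Flood: 50 samples per second from 10.0.0.2 to 10.0.0.4 during seconds 5..9.
    samples += [(t + i / 50, "10.0.0.2", "10.0.0.4", 100)
                for t in range(5, 10) for i in range(50)]
    # One lone sample from an agent sampling 1-in-4096: large estimate, little evidence.
    samples.append((3.2, "10.0.0.5", "10.0.0.6", 4096))
    return samples

def detect(samples, window_s=1.0, pps_threshold=2000, min_samples=10):
    """Flag destinations whose estimated packet rate exceeds the threshold in a window."""
    est = defaultdict(lambda: defaultdict(int))   # (window, dst) -> src -> est. packets
    count = defaultdict(int)                      # (window, dst) -> raw sample count
    for t, src, dst, rate in samples:
        key = (int(t // window_s), dst)
        est[key][src] += rate                     # a 1-in-N sample stands for ~N packets
        count[key] += 1
    alerts = []
    for key in sorted(est):
        pps = sum(est[key].values()) / window_s
        # Require enough raw samples so one scaled-up packet cannot trigger an alert.
        if pps > pps_threshold and count[key] >= min_samples:
            top_src = max(est[key], key=est[key].get)
            alerts.append({"window": key[0], "victim": key[1],
                           "est_pps": pps, "top_source": top_src})
    return alerts

def handling_rules(alerts):
    """Collapse alerts into one hypothetical drop rule per (source, victim) pair."""
    pairs = sorted({(a["top_source"], a["victim"]) for a in alerts})
    return [{"match": {"src": s, "dst": d}, "action": "drop"} for s, d in pairs]

if __name__ == "__main__":
    alerts = detect(make_samples())
    for a in alerts:
        print(a)
    print(handling_rules(alerts))
```

The `min_samples` guard matters because sFlow estimates come from scaled-up samples: a single packet seen at a high sampling rate would otherwise look like a flood.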
