Ddos Attack Detection Using SDN Techniques
Main Article Content
Abstract
Distributed denial-of-service (DDoS) attack is a favourite weapon for black hat hackers and cyber terrorists. In spite of the vast choices of traditional solutions which is available today that can mitigate the DDoS attacks, they are still growing to become more frequent, upscaled, and severe. These attacks can quickly malfunction websites ranging from a single webpage to bigger web applications that belong to famous organizations which can cause huge financial and reputation wise risks and losses. Hence there forms a requirement to follow a new network paradigm which can detect and mitigate such attacks. Software-defined networking is such an evolving paradigm which can reduce the network expenses and it is also potent to detect and mitigate DDoS attacks. We are inspired by the capabilities of SDN, and we are going to detect DDoS attack that can occur in SDN. We will virtualize a network that is built with Mininet, followed by linking the root switch that handles the whole network to an SDN controller (like RYU, NOX etc.) and an Intrusion Detection System (IDS e.g., SNORT). We use OpenFlow as the communication protocol for the SDN controllers to communicate with the virtual network. This system can detect the DDoS attack based upon SDN techniques and not based on traditional methods(like firewall rules).