AN INTELLIGENT SOFTWARE DEFINED NETWORKING CONTROLLER COMPONENT TO DETECT AND MITIGATE DENIAL OF SERVICE ATTACKS

Abstract

Despite many advantages of software defined networking (SDN) such as manageability, scalability, and performance, it has inherent security threats. In particular, denial of service (DoS) attacks are major threats to SDN. The controller’s processing and communication abilities are overwhelmed by DoS attacks. The capacity of the flow tables in the switching device is exhausted due to excess flows created by the controller because of malicious packets. DoS attacks on the controller cause the network performance to drop to a critical level. In this paper, a new SDN controller component was proposed to detect and mitigate DoS attacks in the SDN controller. POX layer three controller component was used for underlying a testbed for PacketIn messages. Any packet from the host was incremented to measure the rate of packet according to its device identification and its input port number. Considering the rate of packets received by the controller and threshold set, malicious packets could be detected and mitigated easily. A developed controller component was tested in a Mininet simulation environment with an hping3 tool to build artificial DoS attacks. Using the enhanced controller component, DoS packets were prevented from accessing the controller and thus, the data plane (switching devices) was prevented from being filled with unwanted flows.