Introducing a New Method for Early Detection of Distributed Denial of Service Attack on Software Defined Networks

EasyChair Preprint 1839
8 pages • Date: November 5, 2019

Abstract

The separation of the control plane and the data plane in software-defined networks leads to better management and control of the network. However, this has paved the way for new denial-of-service attacks. One of these attacks is sending fake packets to several different destinations on the network. This increases the rate of table miss errors in the switch, sends packets to the controller, and occupies it. This type of attack is attractive because it cannot be detected by distance-measure attack detection techniques such as entropy. In this paper, we introduce a new method based on linear regression to detect this type of attack. First, we show that linear regression provides an acceptable estimate for predicting the number of table miss errors. Then, based on this approximation, we define the threshold line for the number of switch table errors. The evaluation results show that the attack, which is not detectable by entropy-based methods, is well detected by the proposed method.

Keyphrases: DDoS attack, DDoS attack detection, Software Defined Networks, linear regressions
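The sketch below is an added illustration of the idea in the abstract, not the paper's implementation: a regression-based threshold line for table-miss counts, next to a destination-entropy check on the same traffic. The choice of packets per window as the regressor, the margin of `k` residual standard deviations, the entropy floor of 0.8, and all sample counts and addresses are assumptions constructed for the example.

```python
import math
from collections import Counter
from statistics import mean, pstdev

# Constructed baseline: (packets seen by the switch, table-miss count) per window.
BASELINE = [(1000, 52), (1200, 61), (1500, 74), (1800, 91),
            (2000, 99), (2200, 112), (2500, 124)]
# Constructed destination samples: normal traffic, and spoofed packets that
# each go to a different destination, as in the attack the abstract describes.
NORMAL_DSTS = (["10.0.0.1"] * 400 + ["10.0.0.2"] * 300 +
               ["10.0.0.3"] * 200 + ["10.0.0.4"] * 100)
ATTACK_DSTS = [f"10.0.{i // 250}.{i % 250}" for i in range(1000)]

def fit_threshold_line(samples, k=3.0):
    """Least-squares fit misses ~ a*packets + b; threshold = fit + k * residual std."""
    xs, ys = zip(*samples)
    mx, my = mean(xs), mean(ys)
    a = (sum((x - mx) * (y - my) for x, y in samples)
         / sum((x - mx) ** 2 for x in xs))
    b = my - a * mx
    margin = k * pstdev([y - (a * x + b) for x, y in samples])
    return lambda packets: a * packets + b + margin

def regression_alarm(threshold, packets, misses):
    """Alarm when the observed miss count lies above the threshold line."""
    return misses > threshold(packets)

def normalized_entropy(dsts):
    """Shannon entropy of destination addresses, scaled to [0, 1]."""
    counts = Counter(dsts)
    if len(counts) < 2:
        return 0.0
    n = len(dsts)
    h = -sum(c / n * math.log2(c / n) for c in counts.values())
    return h / math.log2(len(counts))

def entropy_alarm(dsts, floor=0.8):
    """Entropy-style check: alarm only when traffic concentrates on few targets."""
    return normalized_entropy(dsts) < floor

if __name__ == "__main__":
    line = fit_threshold_line(BASELINE)
    print("normal window:", regression_alarm(line, 1600, 82), entropy_alarm(NORMAL_DSTS))
    print("attack window:", regression_alarm(line, 2600, 1100), entropy_alarm(ATTACK_DSTS))
```

Because every spoofed packet targets a different destination, the normalized entropy stays near 1 and the entropy check stays silent, while the miss count for the same window sits far above the fitted line.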