Litcius/Paper detail

Detecting DoS Attacks Based on Multi-Features in SDN

Meng Yue, Huaiyuan Wang, Liang Liu, Zhijun Wu

2020IEEE Access38 citationsDOIOpen Access PDF

Abstract

Denial of Service (DoS) attack is a serious threat to Software Defined Network (SDN). Although many research efforts have been devoted to identify new features for DoS attack detection, the existing approaches are not able to detect various types of DoS attacks. In SDN, DoS attacks against data plane are mainly organized in two ways: 1) DoS attack with multiple flow entries (M-DoS) to exhaust the Ternary Content-Addressable Memory (TCAM) resource of the switch. 2) DoS attack with a single well-designed entry (S-DoS) to overwhelm the target link and further impact the controller. To detect these two attacks, we propose a new approach by extracting six features of flow table, and using the back propagation (BP) neural network to construct the classifier. Test results of test-bed experiments indicate that the accurate detection probability of proposed approach is 98.9%, which can effectively distinguish M-DoS flows and S-DoS flows without being affected by Flash crowd scene.

Topics & Concepts

Computer scienceDenial-of-service attackForwarding planeComputer networkIntrusion detection systemContent-addressable memorySoftware-defined networkingArtificial neural networkComputer securityArtificial intelligenceNetwork packetOperating systemThe InternetNetwork Security and Intrusion DetectionSoftware-Defined Networks and 5GInternet Traffic Analysis and Secure E-voting
Detecting DoS Attacks Based on Multi-Features in SDN | Litcius