Loading...

Traffic Behavior Analysis in Software Defined Network for DDoS Attack Detection

Karimi, Alireza | 2021

584 Viewed
  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 54144 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Jalili, Rasool
  7. Abstract:
  8. Today Software Defined Networks are being considered as a new approach in the IT industry. In the architecture of this type of network, the control plane is separated from the data plane and this control layer is collected centrally in a unit called the controller that manages packet routing in the network. Switches and other components in the data layer are only responsible for transmitting packets in the network. Software Defined Networks are now widely used by leading companies. One of the most basic security requirements in any network architecture is the issue of full network accessibility for users. Denial of service attacks are known to pose a serious threat to network accessibility. These attacks are known as one of the most common and costly attacks in the network,which has disrupted the provision of services at the organizational and even national levels. Therefore, countering and mitigating the denial of service attacks in these networks has become an important research platform in recent years. Various methods have been proposed by researchers for detect and mitigate DDoS attacks. Statistical analysis of network traffic status And using machine learning-based methods there are two common ways to detect denial of service attacks. Statistical analysis of network traffic methods have less computational overhead than learning methods therefore, they are using for early detection of DDos attacks. On the other hand, due to the complexity and intelligence of some distributed denial-of-service attacks, the accuracy of detecting more intelligent attacks by statistical analysis methods will be lower than the learning method. In this thesis, while examining similar work done in this field, we present an attack called Misbehavioural attack that methods based on statistical analysis will not be able to detect alonely. Then we will present a three-unit architecture tailored to the infrastructure and features of Software Defined Networks, consisting of a statistical analysis-based detection unit, a loaddetection unit, and a machine learning-based detection unit for early and accurate detection of attacks. Then we compare the proposed method with existing methods.
  9. Keywords:
  10. Machine Learning ; Software Defined Networks (SDN) ; Entropy ; Distributed Denial of Service (DDOS)Attack ; Denial of Service (DOS)Attack Detection ; Attack Detection ; Behavioral Analysis

 Digital Object List

 Bookmark

...see more