Published in: Cluster Computing 1/2021

29.05.2020

SNORT based early DDoS detection system using Opendaylight and open networking operating system in software defined networking

Authors: Sumit Badotra, Surya Narayan Panda

Abstract

Software-defined networking (SDN) is a networking approach that provides many advantages by separating the intelligence of the network (the controller) from the underlying network infrastructure (the data plane). But this separation also gives rise to many security concerns; therefore, protecting the network from various attacks is becoming mandatory. Distributed Denial of Service (DDoS) in SDN is one such attack that is becoming a hurdle to its growth. Before DDoS attacks can be mitigated, the primary step is to detect them. In this paper, an early DDoS detection tool is created using the SNORT IDS (Intrusion Detection System). This tool is integrated with popularly used SDN controllers (Opendaylight and Open Networking Operating System). For the experimental setup, five different network scenarios are considered. In each scenario the number of hosts, switches and data packets varies. The Mininet emulation tool is used to create the hosts and switches, whereas four different penetration tools such as Hping3, Nping, Xerxes, Tor Hammer, LOIC are used to generate the data packets. The generated data packets range from 50,000 per second to 2,50,000 per second and the number of hosts/switches ranges from 50 to 250, in every scenario respectively. The data traffic is directed at the controllers and the packets are evaluated using Wireshark. The analysis of our DDoS detection system is performed on the basis of various parameters such as time to detect the DDoS attack, Round Trip Time (RTT), percentage of packet loss and type of DDoS attack. It is found that ODL takes the minimum time to detect a successful DDoS attack and more time to go down than ONOS. Our tool ensures the timely detection of fast DDoS attacks, which delivers better performance of the SDN controller without compromising the overall functionality of the entire network.

Metadata
Title
SNORT based early DDoS detection system using Opendaylight and open networking operating system in software defined networking
Authors
Sumit Badotra
Surya Narayan Panda
Publication date
29.05.2020
Publisher
Springer US
Published in
Cluster Computing / Issue 1/2021
Print ISSN: 1386-7857
Electronic ISSN: 1573-7543
DOI
https://doi.org/10.1007/s10586-020-03133-y
