International Journal of Advanced Technology and Engineering Exploration (IJATEE)

ISSN (Print):2394-5443    ISSN (Online):2394-7454
Volume-10 Issue-105 August-2023
Paper Title : Proactive DDoS attack detection in software-defined networks with Snort rule-based algorithms
Author Name : Nor Shahniza Kamal Bashah, Twiene Selynda Simbas, Norjansalika Janom and Syaripah Ruzaini Syed Aris
Abstract :

The exponential growth of application-layer programs has imposed significant constraints on the existing underlying network infrastructure. To address this escalating demand, a transition towards a software-oriented network infrastructure becomes indispensable. Software-defined networks (SDN), which decouple the data and control planes and transform them into a programmable network controlled by a central controller, emerge as the solution. This approach enhances network management, leading to reduced operational expenditure (OPEX), higher quality of service, and the desired scalability. However, the shift towards a programmable network infrastructure exposes it to existing security threats. In this research, additional security measures were proposed with the aim of detecting and preventing security threats, particularly distributed denial of service (DDoS) attacks. The Mininet platform is employed for simulation. The Ryu controller is configured as the SDN controller, responsible for transmitting OpenFlow messages to the switches and removing them from the switches, as well as handling incoming packets. Snort plays a crucial role in analyzing suspicious traffic entering the network: incoming traffic is examined against predefined rules, and an alert is triggered whenever traffic matches one of these rules. The internet control message protocol (ICMP) flooding method was employed to execute the DDoS attacks. Based on the results and findings, an extensive volume of packets was observed during attacks on the SDN network. Furthermore, connectivity tests conducted through ping tests towards the targeted machine resulted in 100% packet loss. This outcome signified the denial of resource access on the targeted machine during an attack, consequently leading to a decline in overall network performance.
Analysis of the collected data revealed that early detection through a rule-based Snort implementation could significantly mitigate the impact on SDN networks. Consequently, the adoption of Snort for proactive DDoS attack detection in SDN networks was proposed. This approach enables network administrators to respond promptly when a Snort-generated alert occurs.
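The abstract describes Snort examining incoming traffic against a predefined rule and alerting on ICMP floods. The following is an added illustration, not code from the paper or from Snort: it mirrors the per-source threshold logic of a Snort `detection_filter` rule (the rule text in the comment is an assumed example) over a constructed packet trace in which one host pings normally and another floods a target.

```python
from collections import deque

# Snort-style threshold rule whose logic this detector approximates (assumed
# rule text, not taken from the paper):
#   alert icmp any any -> $HOME_NET any (msg:"ICMP flood"; itype:8;
#       detection_filter: track by_src, count 50, seconds 1; sid:1000001;)
COUNT = 50      # more than this many echo requests ...
SECONDS = 1.0   # ... from one source within this window raises an alert


class IcmpFloodDetector:
    """Sliding-window counter of ICMP echo requests, tracked per source."""

    def __init__(self, count=COUNT, seconds=SECONDS):
        self.count = count
        self.seconds = seconds
        self.windows = {}   # src -> deque of recent timestamps
        self.alerts = []    # (timestamp, src, echo requests seen in window)

    def observe(self, ts, src, dst, proto, itype=None):
        """Feed one packet record; return True if this packet raised an alert."""
        if proto != "icmp" or itype != 8:     # only echo requests count
            return False
        win = self.windows.setdefault(src, deque())
        win.append(ts)
        while win and ts - win[0] > self.seconds:   # expire old timestamps
            win.popleft()
        if len(win) > self.count:
            self.alerts.append((ts, src, len(win)))
            win.clear()                        # re-arm after firing
            return True
        return False


def run_detector(packets, count=COUNT, seconds=SECONDS):
    det = IcmpFloodDetector(count, seconds)
    for pkt in packets:
        det.observe(*pkt)
    return det.alerts


# Constructed trace: 10.0.0.1 pings 10.0.0.3 once per second (benign), while
# 10.0.0.2 sends 200 echo requests to 10.0.0.3 within half a second (flood).
SAMPLE = [(float(i), "10.0.0.1", "10.0.0.3", "icmp", 8) for i in range(5)]
SAMPLE += [(2.0 + i * 0.0025, "10.0.0.2", "10.0.0.3", "icmp", 8) for i in range(200)]
SAMPLE.append((3.0, "10.0.0.2", "10.0.0.3", "tcp", None))   # non-ICMP, ignored

if __name__ == "__main__":
    for ts, src, n in run_detector(SAMPLE):
        print(f"[{ts:.3f}] ICMP flood from {src}: {n} echo requests within {SECONDS}s")
```

The flood source trips the threshold three times (on its 51st, 102nd and 153rd packet) while the benign pinger never does; an SDN controller such as Ryu could consume these alerts to install a blocking flow entry for the offending source.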

Keywords : Security attack, Network degradation, Proactive detection, Rule-based algorithm, Snort alert.
Cite this article : Bashah NS, Simbas TS, Janom N, Syed Aris SR. Proactive DDoS attack detection in software-defined networks with Snort rule-based algorithms. International Journal of Advanced Technology and Engineering Exploration. 2023; 10(105):962-989. DOI:10.19101/IJATEE.2023.10101411.