A simple security policy enforcement system for an institution using SDN controller
Author(s):
Harsh Jain, Paritosh Dhotre, Anurag Kothari, Suresh Babu K. S.
Keywords:
DDoS, POX, SDN
Abstract
Basically, as we know (SDN) software-defined networking architectural framework eases the work of the n/w administrators by separating the data plane from the control plane. This provides easy network configuration by supporting a programmable interface for applications development related to security, management etc. and the centralized logical controller provides more control over the total network, which has complete network visibility. These SDN advantages exposes the network to vulnerabilities and the impact of the attacks is much severe when compared to traditional networks, where the network devices have protection from the attacks and limits the occurrence of attacks. In this project, we want to explore various attacks that can be launched on SDN at different layers. we also want to evaluate some of the existing security methods in mitigating the attacks and explore a possible solution to prevent DDoS attacks using entropy. Basically, Distributed Denial of Service (DDoS) attack is a DoS attack which utilizes multiple distributed attack sources. We know that every network in the system has an entropy and increase in the randomness causes entropy to decrease. For preventing this DDoS threat, we want to use POX for attack detection and want to provide a solution that is effective in terms of the resources used. More precisely, this project shows how DDoS attacks can consume controller resources and provide a solution to detect such attacks based on the entropy variation of the destination IP address. Now based on this entropy value, we shall block that specific port in the switch if it drops below certain threshold value, and then bring the port down.
Article Details
Unique Paper ID: 151127
Publication Volume & Issue: Volume 7, Issue 12
Page(s): 98 - 103
Article Preview & Download
Share This Article
Join our RMS
Conference Alert
NCSEM 2024
National Conference on Sustainable Engineering and Management - 2024