Hiba Salah Yaseen; Ahmed Al-Saadi
Abstract
Software Defined Network (SDN) is a modern network architecture that has a centralized controller. It is more flexible and programmable due to the separation of the control plane from the data plane. However, Distributed Denial of Service (DDoS) attacks are one of the dangers that SDN networks face. Such an attack can stop the controller from working, bringing the whole system down. Moreover, DDoS attacks can target the hosts and the switches to stop services for a long time, which can cause more damage to the network or datacenter. In this work, a proposed approach is used to protect datacenter networks and servers from DDoS attacks using entropy and a real SDN controller, the Python Network Operating System (POX), by redirecting traffic to the edge of the datacenter to minimize the damage. The results of this experiment show how to detect abnormal traffic at an early stage and isolate it in a server outside the datacenter, to distribute the huge amount of traffic across more than one server and avoid congestion on switches. Also, the throughput of the server increased by about 16% during the suspected attack, which means the service is maintained until further analysis can be done on the traffic. These results are compared with the direct block mitigation method, which was mostly used with the entropy detection method in previous research. Moreover, this work is done to confirm whether the suspected traffic is an actual attack or not. Therefore, this method will decrease the false positives of detection.
Methaq Khamees Faraj; Ahmed Al-Saadi; Riyadh Jabbar Albahadili
Volume 20, Issue 3, July 2020, Pages 65-74
Abstract
The number of devices connected to networks and the internet, such as the Internet of Things, machine-to-machine, social media, or speech traffic, is rapidly increasing, which results in a huge amount of traffic. This leads to congestion that increases packet loss and reduces system performance. Therefore, a single server cannot handle this traffic, and approaches are needed to optimize network performance. The use of a load balancer to distribute network traffic among multiple servers can minimize the load on a single server, provide availability and scalability, and enhance network performance. A load balancer in a traditional network is a dedicated hardware device that is expensive, closed-vendor, and non-programmable. It contains a few algorithms, which network engineers cannot change or extend with new ones. In contrast, a load balancer in a Software Defined Network (SDN) is programmable (hardware independent) and more agile. The objective of this investigation is to implement the Least packet load algorithm, which is used in traditional load balancers, using an SDN controller, the Python Network Operating System (POX), in order to distribute load among servers. Moreover, it discusses some research opportunities that this work introduces to improve load balancing in SDN. This work is validated through extensive simulations and emulations that compare the proposed algorithm with four of the most widely cited schemes. The results indicate that the proposed algorithm improved network performance and achieved up to a 21% increase in system throughput compared to other benchmark approaches.