Authors

• Hiba Salah Yaseen ¹
• Ahmed Al-Saadi ²

¹ Computer Engineering Department, University of Technology, Baghdad, Iraq

² Department of Computer Engineering, University of Technology, Baghdad, Iraq

Abstract

Software Defined Network (SDN) is a modern network architecture that has a centralized controller. It is more flexible, and programmable due to the separation of the control plane from the data plane. However, Distributed Denial of Service (DDoS) attacks is one of the dangers that the SDN network is facing. It could attack and stop the controller from working, causing the whole system to be down. Moreover, DDoS attacks can target the hosts and the switches to stop the services for a long time as they could cause more damage to the network or datacenter. In this work, a proposed approach is utilized to protect datacenter networks and servers from DDoS attacks using entropy and real SDN-controller Python Network Operating system (POX) by redirect traffic to the edge of the datacenter to minimize the damage. The results of this experiment show how to detect abnormal traffics in an early stage and isolate them in a server outside the datacenter to distribute the huge amount of traffic in more than one server and avoid congestion on switches. Also, the throughput of the server was increased by about %16 during the suspected attack, this means maintaining the service until further analysis to be done on the traffic. These results are compared with the direct block mitigation method which was mostly used with the entropy detection method in previous researches. Moreover, this work is done to confirm whether the suspected traffic is an actual attack or not. Therefore, this method will decrease the false positives of detection.

Keywords

• Software-Defined Networking (SDN)
• Distributed Denial of Service (DDoS) attacks
• OpenFlow
• Python Network Operating system (POX)