Real-Time Detection and Mitigation of Distributed Denial of Service (DDoS) Attacks in Software Defined Networking (SDN)

Lawal B. H., AT N.

26th IEEE Signal Processing and Communications Applications Conference (SIU), İzmir, Turkey, 2 - 05 May 2018 identifier identifier

  • Publication Type: Conference Paper / Full Text
  • Doi Number: 10.1109/siu.2018.8404674
  • City: İzmir
  • Country: Turkey
  • Keywords: Software Defined Network (SDN), Mininet, OpenFlow, sFlow, DDoS, Virtual Machine
  • Anadolu University Affiliated: Yes


The emergence of Software Defined Network (SDN) and its promises in networking technology has gotten every stakeholder excited. However, it is believed that every technological development comes with its own challenges of which the most prominent in this case is security. This paper presents a real time detection of the distributed denial of service (DDoS) attacks on the SDN and a control method based on the sFlow mitigation technology. sFlow analyses samples of packets collected from the network traffic and generates handling rules to be sent to the controller in case of an attack detection. The implementation was done by emulating the network in Mininet which runs on a Virtual Machine (VM) and it was shown that the proposed method effectively detects and mitigates DDoS attacks.