ISDSDN: Mitigating SYN Flood Attacks in Software Defined Networks
Basheer Al‑Duwairi (corresponding author), Eslam Al‑Quraan, Yazeed AbdelQader
Received: 1 October 2019 / Revised: 12 May 2020 / Accepted: 18 May 2020
© Springer Science+Business Media, LLC, part of Springer Nature 2020

Abstract

Software defined networking (SDN) has emerged over the past few years as a novel networking technology that enables fast and easy network management. Separating the control plane and the data plane in SDNs allows for dynamic network management, implementation of new applications, and implementation of network-specific functions in software. This paper addresses the problem of SYN flood attacks in SDNs, which are considered among the most challenging threats because their effect extends beyond the targeted end system to the controller and to the TCAM of OpenFlow switches. These attacks exploit the three-way handshake connection establishment mechanism in TCP: attackers overwhelm the victim machine with a flood of spoofed SYN packets, resulting in a large number of half-open connections that never complete, thereby degrading the performance of the controller and populating the OpenFlow switches' TCAMs with spoofed entries. In this paper, we propose ISDSDN, a mechanism for SYN flood attack mitigation in software defined networks. The proposed mechanism adopts the idea of intentional dropping to distinguish between legitimate and attack SYN packets in the context of software defined networks. ISDSDN is implemented as an extension module of the POX controller and is evaluated under different attack scenarios. Performance evaluation shows that the proposed mechanism is very effective in defending against SYN flood attacks.

Keywords: DDoS · SDN · Network security · Intentional dropping · TCAM

Department of Network Engineering & Security, Jordan University of Science & Technology, Irbid 22110, Jordan
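The intentional dropping idea named in the abstract, as an added Python model that is not the paper's code or its POX module. It assumes the classic intentional-dropping rule (drop the first SYN of a new flow, admit a retransmitted SYN that arrives within a retry window) and runs it over constructed traffic; the class, function and address values are all assumptions for illustration.

```python
# Added example (not the paper's code): a minimal model of SYN flood mitigation by
# intentional dropping in the spirit of ISDSDN. Assumed rule: the first SYN of a new
# (src, dst, dport) flow is dropped and no flow rule is installed; a retransmitted SYN
# arriving within the retry window is admitted, because a real TCP stack retransmits
# while one-shot spoofed flood sources never do. All traffic below is constructed.
import time
from dataclasses import dataclass, field


@dataclass
class IntentionalDropFilter:
    retry_window: float = 6.0   # seconds a pending entry stays valid (covers TCP RTO backoff)
    max_pending: int = 10_000   # bound on remembered first SYNs so the filter itself cannot be flooded
    pending: dict = field(default_factory=dict)  # flow key -> time of first SYN
    admitted: set = field(default_factory=set)   # flows that passed the check

    def _expire(self, now):
        for key in [k for k, t in self.pending.items() if now - t > self.retry_window]:
            del self.pending[key]

    def handle_syn(self, src, dst, dport, now=None):
        """Return 'FORWARD' (install a flow rule) or 'DROP' for one SYN packet."""
        now = time.monotonic() if now is None else now
        key = (src, dst, dport)
        if key in self.admitted:
            return "FORWARD"
        self._expire(now)
        if key not in self.pending:
            # First SYN of this flow: drop it. A spoofed flood thus costs no TCAM entry
            # and no controller work beyond this bounded table.
            if len(self.pending) < self.max_pending:
                self.pending[key] = now
            return "DROP"
        # Retransmission within the window: a real client sits behind this SYN.
        del self.pending[key]
        self.admitted.add(key)
        return "FORWARD"


def simulate(flt):
    """Constructed traffic: one legitimate client that retransmits, 500 spoofed one-shot SYNs."""
    first = flt.handle_syn("10.0.0.5", "10.0.0.1", 80, now=0.0)   # dropped
    retx = flt.handle_syn("10.0.0.5", "10.0.0.1", 80, now=1.0)    # forwarded
    spoofed = [flt.handle_syn(f"198.51.{i // 256}.{i % 256}", "10.0.0.1", 80, now=0.5 + i / 1000)
               for i in range(500)]
    return first, retx, spoofed.count("FORWARD")


if __name__ == "__main__":
    print(simulate(IntentionalDropFilter()))  # ('DROP', 'FORWARD', 0)
```

The cost of the scheme is visible in the model too: every legitimate connection pays one retransmission timeout before its first SYN is admitted.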
Journal of Network and Systems Management
1 Introduction

Software-defined networking (SDN) has emerged as a new networking paradigm based on the separation between the control plane and the data plane. This technology is becoming a reality as more and more IT firms and Internet Service Providers (ISPs) adopt this promising network architecture in their data centers and core networks [1]. In this architecture, the control logic is implemented in a centralized SDN controller that orchestrates the operation of the whole network. The communication between the application layer and the control plane layer is supported through a set of open Application Programming Interfaces (APIs) known as the northbound interfaces. The data plane layer is abstracted as network devices that simply forward traffic based on forwarding rules provided by the controller. The communication between the centralized SDN controller and the data plane switches is governed by the OpenFlow protocol via the southbound interfaces. OpenF