ADDRESSING SECURITY ISSUES IN SOFTWARE DEFINED NETWORKS

Abstract

Abstract Software-Defined Networking (SDN) is an innovative networking model that decouples forwarding hardware from control decisions. It promises to facilitate innovation and evolution while simplifying network management. Denial of service (DoS) and distributed denial of service (DDoS) attacks are dreadful security challenges in SDNs. For example, these attacks could flood the data, control, or communication channels. Attacking the control plane might cause a failure of the entire network while attacking the data plane or the communication channel could cause packet loss and network unavailability. We present various contributions that shed light on the problem of DoS/DDoS attacks in SDNs in this research work, giving a thorough background on the topic and including an analysis of the attacks and available countermeasures. We examine and systematize the strategies that combat DoS and DDoS threats in SDNs through the lenses of intrinsic and extrinsic approaches. Finally, we propose DeMi, a lightweight DoS detection and mitigation method, as well as heavy-load management. The proposed approach aims to secure the components of the SDN to protect against DoS attacks. Results of our proposed solution are staggering: for instance, when DeMi is deployed, in an attack scenario, the number of exchanged control packets is roughly similar to the attack-free scenario---without DeMi, the number of control packets in the network is 2,7 times more than what experienced in an attack-free setting. As per the number of re-transmitted packets, again, DeMi is able to achieve a re-transmission rate similar to an attack-free scenario---without DeMi, the number of packets that need to be re-transmitted is roughly 3,7 times the number of packets re-transmission occurring in an attack-free scenario. The novelty of the approach, the demonstrated complete end-to-end solution, and the quality of the achieved experimental results, other than being interesting on their own, do pave the way for further research in this field.

Date of Award	2023
Original language	American English
Awarding Institution	HBKU College of Science and Engineering