DDoS attack detection and mitigation with sFlow-based SDN system
This dissertation introduces the use of sFlow-Based SDN system to detect and mitigate DDoS attacks initiated inside SDN. As a new type of network paradigm, SDN decouples the data plane from the control plane, making it more convenient to manage and control the network than traditional networks. Sinc...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis-Master by Coursework |
| Language: | English |
| Published: |
Nanyang Technological University
2021
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/152893 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | This dissertation introduces the use of sFlow-Based SDN system to detect and mitigate DDoS attacks initiated inside SDN. As a new type of network paradigm, SDN decouples the data plane from the control plane, making it more convenient to manage and control the network than traditional networks. Since the functions of the SDN control plane are highly concentrated in the SDN controller, such a high degree of centralization brings more vulnerability to attacks and leads to the paralysis of the entire network, such as DDoS attacks. Therefore, in order to better improve the security performance of SDN, some scholars have proposed the SNORT-Based SDN system. By using SNORT IDS to detect DDoS attacks, the SDN controller cooperates with SNORT IDS to mitigate DDoS attacks. In view of some of the shortcomings in the combination of SNORT IDS itself and SDN, we propose to use the sFlow architecture to join the SDN system to form an sFlow-Based SDN system. Through design experiment comparison, this paper confirms that the two are effective in the detection and mitigation of DDoS attacks, and through the comparison of mitigation time, it shows that the sFlow-Based SDN system is better than the SNORT-Based SDN system. |
|---|