DDoS attack detection and mitigation with sFlow-based SDN system
This dissertation introduces the use of sFlow-Based SDN system to detect and mitigate DDoS attacks initiated inside SDN. As a new type of network paradigm, SDN decouples the data plane from the control plane, making it more convenient to manage and control the network than traditional networks. Sinc...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis-Master by Coursework |
| Language: | English |
| Published: |
Nanyang Technological University
2021
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/152893 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-152893 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1528932023-07-04T17:40:07Z DDoS attack detection and mitigation with sFlow-based SDN system Xu, Congjian Ma Maode School of Electrical and Electronic Engineering EMDMa@ntu.edu.sg Engineering::Electrical and electronic engineering::Computer hardware, software and systems This dissertation introduces the use of sFlow-Based SDN system to detect and mitigate DDoS attacks initiated inside SDN. As a new type of network paradigm, SDN decouples the data plane from the control plane, making it more convenient to manage and control the network than traditional networks. Since the functions of the SDN control plane are highly concentrated in the SDN controller, such a high degree of centralization brings more vulnerability to attacks and leads to the paralysis of the entire network, such as DDoS attacks. Therefore, in order to better improve the security performance of SDN, some scholars have proposed the SNORT-Based SDN system. By using SNORT IDS to detect DDoS attacks, the SDN controller cooperates with SNORT IDS to mitigate DDoS attacks. In view of some of the shortcomings in the combination of SNORT IDS itself and SDN, we propose to use the sFlow architecture to join the SDN system to form an sFlow-Based SDN system. Through design experiment comparison, this paper confirms that the two are effective in the detection and mitigation of DDoS attacks, and through the comparison of mitigation time, it shows that the sFlow-Based SDN system is better than the SNORT-Based SDN system. Master of Science (Communications Engineering) 2021-10-13T04:48:23Z 2021-10-13T04:48:23Z 2021 Thesis-Master by Coursework Xu, C. (2021). DDoS attack detection and mitigation with sFlow-based SDN system. Master's thesis, Nanyang Technological University, Singapore. https://hdl.handle.net/10356/152893 https://hdl.handle.net/10356/152893 en application/pdf Nanyang Technological University |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Engineering::Electrical and electronic engineering::Computer hardware, software and systems |
| spellingShingle |
Engineering::Electrical and electronic engineering::Computer hardware, software and systems Xu, Congjian DDoS attack detection and mitigation with sFlow-based SDN system |
| description |
This dissertation introduces the use of sFlow-Based SDN system to detect and mitigate DDoS attacks initiated inside SDN. As a new type of network paradigm, SDN decouples the data plane from the control plane, making it more convenient to manage and control the network than traditional networks. Since the functions of the SDN control plane are highly concentrated in the SDN controller, such a high degree of centralization brings more vulnerability to attacks and leads to the paralysis of the entire network, such as DDoS attacks. Therefore, in order to better improve the security performance of SDN, some scholars have proposed the SNORT-Based SDN system. By using SNORT IDS to detect DDoS attacks, the SDN controller cooperates with SNORT IDS to mitigate DDoS attacks. In view of some of the shortcomings in the combination of SNORT IDS itself and SDN, we propose to use the sFlow architecture to join the SDN system to form an sFlow-Based SDN system. Through design experiment comparison, this paper confirms that the two are effective in the detection and mitigation of DDoS attacks, and through the comparison of mitigation time, it shows that the sFlow-Based SDN system is better than the SNORT-Based SDN system. |
| author2 |
Ma Maode |
| author_facet |
Ma Maode Xu, Congjian |
| format |
Thesis-Master by Coursework |
| author |
Xu, Congjian |
| author_sort |
Xu, Congjian |
| title |
DDoS attack detection and mitigation with sFlow-based SDN system |
| title_short |
DDoS attack detection and mitigation with sFlow-based SDN system |
| title_full |
DDoS attack detection and mitigation with sFlow-based SDN system |
| title_fullStr |
DDoS attack detection and mitigation with sFlow-based SDN system |
| title_full_unstemmed |
DDoS attack detection and mitigation with sFlow-based SDN system |
| title_sort |
ddos attack detection and mitigation with sflow-based sdn system |
| publisher |
Nanyang Technological University |
| publishDate |
2021 |
| url |
https://hdl.handle.net/10356/152893 |
| _version_ |
1772826992982360064 |