Vol.69, No.1, 2021, pp.373-391, doi:10.32604/cmc.2021.017972
OPEN ACCESS
ARTICLE
Entropy-Based Approach to Detect DDoS Attacks on Software Defined Networking Controller
  • Mohammad Aladaileh1, Mohammed Anbar1,*, Iznan H. Hasbullah1, Yousef K. Sanjalawe1,2, Yung-Wey Chong1
1 National Advanced IPv6 Centre of Excellence, Universiti Sains Malaysia, Penang, Malaysia
2 Department of Computer Sciences, Northern Border University, Ar’ar, Kingdom of Saudi Arabia
* Corresponding Author: Mohammed Anbar. Email:
Received 19 February 2021; Accepted 24 March 2021; Issue published 04 June 2021
Abstract
The Software-Defined Networking (SDN) technology improves network management over existing technology via centralized network control. The SDN provides a perfect platform for researchers to solve traditional network’s outstanding issues. However, despite the advantages of centralized control, concern about its security is rising. The more traditional network switched to SDN technology, the more attractive it becomes to malicious actors, especially the controller, because it is the network’s brain. A Distributed Denial of Service (DDoS) attack on the controller could cripple the entire network. For that reason, researchers are always looking for ways to detect DDoS attacks against the controller with higher accuracy and lower false-positive rate. This paper proposes an entropy-based approach to detect low-rate and high-rate DDoS attacks against the SDN controller, regardless of the number of attackers or targets. The proposed approach generalized the Rényi joint entropy for analyzing the network traffic flow to detect DDoS attack traffic flow of varying rates. Using two packet header features and generalized Rényi joint entropy, the proposed approach achieved a better detection rate than the EDDSC approach that uses Shannon entropy metrics.
Keywords
Software-defined networking; DDoS attack; distributed denial of service; Rényi joint entropy
Cite This Article
M. Aladaileh, M. Anbar, I. H. Hasbullah, Y. K. Sanjalawe and Y. Chong, "Entropy-based approach to detect ddos attacks on software defined networking controller," Computers, Materials & Continua, vol. 69, no.1, pp. 373–391, 2021.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.