Kia_Maryam.pdf (2.8 MB)
Download file

Early detection and mitigation of DDos Attacks in software defined networks

Download (2.8 MB)
thesis
posted on 22.05.2021, 15:32 by Maryam Kia
Software Defined networking (SDN) is a new approach for the design and management of computer networks. The main concept behind SDN is the separation of the network’s control and forwarding planes with the control plane moved to the centralized controller. In SDN networks with the centralized controller structure DDoS attacks can easily exhaust the controller's or the switches' computing and communication resources, thus, breakdown the network within a short time. In this thesis, the scheme, running at the controller, can detect DDoS attacks at the early stage. The method not only can detect the attacks but also identify the attacking paths and start a mitigation process to provide some degree of protection of the network devices the moment an attack is detected. The Proposed method is based on the Entropy variation of destination IP address, Flow initiation rate and study of the Flow specifications.

History

Language

eng

Degree

Master of Applied Science

Program

Computer Networks

Granting Institution

Ryerson University

LAC Thesis Type

Thesis