Elsevier

Computers & Electrical Engineering

A protocol for cluster confirmations of SDN controllers against DDoS attacks

Abstract

Software-Defined Networking (SDN) makes the network easier to manage by separating the data plane from the control plane, but SDN networks are susceptible to DDoS attacks. Most well-known algorithms for reducing the effects of DDoS attacks are based on SDN traffic analysis and prediction, and their main weakness is false positive/negative results. We therefore propose PATGEN, a Protocol to reduce the effects of DDoS ATtacks using an advanced GENetic algorithm with optimized and new operators, which significantly reduces the effects of attacks and increases the efficiency of multi-controller SDN. A robust initial-population procedure increases the convergence speed of the algorithm. Unlike other methods, PATGEN works without external resources. Experimental results show that PATGEN increases throughput and reduces average delay compared with state-of-the-art methods.

Introduction

Software-Defined Networking (SDN) is emerging rapidly to support dynamic network operations by separating the data plane from the control plane. The logic and efficiency of an SDN network depend mainly on its software controllers (the control plane). SDN makes the network programmable and can solve many network-management challenges.

The use of SDN is increasing by the day. From small local networks to massive cloud-computing deployments that process large amounts of data, businesses in many industries benefit from SDN. Simplicity, high flexibility, and low cost are the main reasons for its widespread adoption. However, separating the control plane from the data plane makes these networks attractive targets for attackers, because disrupting the control unit disrupts the whole network. In a Distributed Denial of Service (DDoS) attack, multiple systems attack a resource through numerous Internet connections, whereas in a DoS attack a single system attacks the target through a single Internet connection.

In an SDN-managed network, when a new packet arrives at a switch and the switch cannot find a matching flow entry, it forwards the packet to the controller. A DDoS attack exploits exactly this feature by sending a large number of packets into the SDN network. These packets reach the controller for handling, and the controller creates new flow entries for the fake packets, which fills the flow tables of the SDN switches and degrades or halts performance.
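As an added illustration of the table-miss path described above (constructed example, not code from the paper), the following Python model shows a bounded flow table raising packet-ins on misses, the controller installing entries until the table is exhausted, and a simple bottleneck check that flags an overloaded controller and a full switch table; the capacity, budget and traffic mix are assumed values.

```python
"""Toy model of the SDN table-miss path: a switch forwards flows it has an
entry for and raises a packet-in to its controller otherwise; the controller
installs an entry while the flow table has room.  The bottleneck finder flags
controllers whose packet-in count exceeds a budget and switches whose tables
are exhausted.  Constructed example; capacities and budgets are assumed."""
from collections import Counter

TABLE_CAPACITY = 100      # assumed flow-table size per switch
PACKET_IN_BUDGET = 50     # assumed packet-ins per window a controller can absorb


class Controller:
    def __init__(self, name):
        self.name, self.packet_ins = name, 0

    def handle_packet_in(self, switch, flow):
        self.packet_ins += 1                 # every table miss costs controller work
        if len(switch.table) < TABLE_CAPACITY:
            switch.table.add(flow)           # install a flow entry for the new flow
            return "installed"
        return "table_full"                  # no room: every later miss also hits the controller


class Switch:
    def __init__(self, name, controller):
        self.name, self.controller, self.table = name, controller, set()

    def forward(self, flow):
        if flow in self.table:
            return "fast_path"               # matched locally, controller not involved
        return self.controller.handle_packet_in(self, flow)


def find_bottlenecks(controllers, switches):
    """Bottleneck-finding level in miniature: overloaded controllers, full tables."""
    overloaded = [c.name for c in controllers if c.packet_ins > PACKET_IN_BUDGET]
    exhausted = [s.name for s in switches if len(s.table) >= TABLE_CAPACITY]
    return overloaded, exhausted


def run_scenario():
    """Constructed traffic: 20 legitimate flows repeated on both switches, then
    300 distinct never-repeating flows aimed at switch s0 only."""
    c0, c1 = Controller("c0"), Controller("c1")
    switches = [Switch("s0", c0), Switch("s1", c1)]
    legit = [(sw, ("10.0.0.%d" % f, "10.0.1.1", 80))
             for f in range(20) for _ in range(5) for sw in (0, 1)]
    flood = [(0, ("203.0.113.%d" % (i % 250), "10.0.1.1", 1024 + i)) for i in range(300)]
    outcomes = Counter()
    for sw, flow in legit + flood:
        outcomes[switches[sw].forward(flow)] += 1
    return dict(outcomes), find_bottlenecks([c0, c1], switches)
```

Running `run_scenario()` shows the legitimate flows settling into the fast path while the distinct-flow burst drives s0's table to capacity and c0's packet-in count far past its budget, which is the overload the protocol's first level is meant to spot.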

This paper introduces PATGEN, a Protocol to reduce the effects of DDoS ATtacks using an advanced GENetic algorithm on multi-controller SDN networks. In addition, a load-balancing procedure keeps controllers from being idle or overloaded. The network considered in this article consists of several domains, each with its own SDN controller. We chose multi-controller SDN systems for this study because a single-controller system fails in large networks under the massive influx of requests. With the explosive growth in network scale and traffic, multiple controllers must be deployed to improve the scalability and reliability of the control plane. We use a load balancer to avoid an excessive number of flow tables and a shortage of resources in the network; the load balancer also reduces network latency and increases performance.

Experiments on the SDN network under different scenarios, as reported in this paper, show that our proposed method consistently outperforms both the basic SDN and recent methods in this field. The proposed protocol is evaluated with both malicious and legitimate workloads. The throughput, the number of packets processed by the controllers, the CPU utilization, and the delay all indicate that the proposed protocol is highly efficient.

The rest of this paper is organized as follows. Section 2 discusses related work. Section 3 introduces the PATGEN protocol in detail. Details of the evaluation and experiments are given in Section 4, and conclusions and future work are presented in the final section of the paper.

Section snippets

Related work

Most related work on limiting the impact of DDoS attacks focuses on attack analysis; the fundamental defect of these methods is false positives or false negatives. Notably, several mitigation methods have been proposed that rely on centralized control operations to reduce the effects of DDoS attacks. Alqahtani's method [1] for mitigating the effects of DDoS attacks is based on replication, so that it also uses several auxiliary controllers in

PATGEN design

In this section, we present the design of PATGEN, a protocol for controller clustering and for reducing the effects of DDoS attacks. PATGEN reduces the effects of DDoS attacks using a multi-level method with three levels: bottleneck finding, controller selection, and SDN controller cluster confirmation. At the bottleneck-finding level, overloaded controllers are identified. At the selection level, a controller is selected as the selection header to coordinate the clustering

Performance evaluation

We implemented the simulation in Mininet, the SDN simulator. The SDN network is simulated with five controllers as a multi-controller setup. We used a Memcached system [20] to share status information between the network controllers. Memcached is a general-purpose memory caching system; it uses a client-driven architecture and can run across several different machines. For the evaluation of PATGEN, we used concurrent malicious and benign datasets. A DDoS attack is performed

Conclusions and Future work

This paper introduces a protocol for reducing the impact of distributed denial of service attacks in software-defined networks. A gossip-based method is used to detect attacks, and multiple controllers are clustered by an optimized and improved genetic algorithm. Moreover, a robust algorithm is used to select the header controller and to increase the genetic algorithm's convergence speed in determining the optimal number of controllers in each cluster. We have used a load balancer at runtime to

Author Statement

We thank the anonymous reviewers for their constructive comments, which helped improve the quality of the article. We also thank the editor for the cooperation and feedback that helped further the paper.

Declaration of Competing Interest

The authors declare no conflict of interest.

Amir Iranmanesh received the B.S. degree from Bahonar University, Iran, and his master's degree in information technology engineering from the Graduate University of Advanced Technology, Iran, in 2017. He is currently a Ph.D. student in the School of Electrical and Computer Engineering, College of Engineering, University of Tehran, Iran. His research interests include network security, cloud computing, and software-defined networking.

Hamid Reza Naji is an Associate Professor of Computer Engineering with a demonstrated history of work in higher education and industry. He holds a PhD in Computer Engineering from The University of Alabama in Huntsville, AL, USA. He is currently an Associate Professor in the Department of Computer Engineering and Information Technology at the Graduate University of Advanced Technology, Iran.