Prevention of DDos attack on primary server in software defined networks using controller by packet header translation

Abstract

DDoS attacks are instigated by intruders on primary servers which provide important services like file service, web service etc., by sending huge amount of unwanted traffic. Routers in traditional systems simply forward such traffic to the victim servers without understanding its implications. However, such attacks can be identified and mitigated by controller in Software Defined Networks (SDN). In this paper we show how DDoS attack on primary servers in an SDN environment, can be mitigated by controller with the help of packet header translation. The traffic sent to the target server will be first intercepted by the controller to check whether it is attack traffic or genuine traffic, after which only the genuine traffic is forwarded to the server while the attack traffic is dropped.