Abstract
The issue on defensing against Distributed Denial of Service (DDoS) attacks in Software Defined Networks (SDN) has been highly concerned by academe and industry. The existing studies cannot eliminate the false positives by using the simple classification algorithms. In this paper, we analyze the essential difference between DDoS attacks and flash crowds which causes some similar consequences to DDoS. Accordingly we design a novel effective Entropy-based DDoS Defense Mechanism (EDDM) running on the SDN controller, which including a two-stage DDoS detection method. Compared with the existing works, the EDDM avoids the dropping of legitimate packets and minimizes the losses of legitimate users. Simulations demonstrate that the EDDM can distinguish the DDoS attacks from flash crowds, find the locations of bots, and block attack packets at source effectively.
Author supplied keywords
Cite
CITATION STYLE
Jiang, Y., Zhang, X., Zhou, Q., & Cheng, Z. (2018). An entropy-based ddos defense mechanism in software defined networks. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST (Vol. 209, pp. 169–178). Springer Verlag. https://doi.org/10.1007/978-3-319-66625-9_17
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
