A lightweight blockchain based scalable and collaborative mitigation framework against new flow DDoS attacks in SDN enabled autonomous systems

Abstract

The New-flow based DDoS attacks are new kinds of attacks that pose a severe threat to SDN-Enabled AS by exploiting vulnerabilities of the centralized SDN controller. This research paper proposes the lightweight blockchain-based framework for Scalable and Collaborative DDoS Mitigation in SDN-Enabled Autonomous Systems (LiBSCOM-AS). LiBSCOM-AS consist of three interconnected modules:(1) Information theory-based (Entropy-based) detection module that detects New-flow based DDoS attacks in real-time by analyzing the anomalies in network traffic specifically in source IP, destination IP and Packet-In message entropies at the P4 SDN switches and SDN controller (2) a lightweight Characterization module that segregates genuine traffic from the attack traffic with minimum computational overhead (3) a Blockchain-based mitigation and a threat Information Sharing that confirms secure and coordinated attack response through Unified smart contract for Intra- and Inter-domain AS to provide decentralized enforcement and tamper-resistant logging. With the experimental evaluations and existing data set analysis, LiBSCOM-AS provides an efficient and effective mitigation strategy for minimizing the impact of New-flow based DDoS attacks in SDN-enabled autonomous systems. By leveraging SDN and blockchain, LiBSCOM-AS offers scalable, robust DDoS defenses. The system is implemented using Ethereum’s Ropsten and Hyperledger Fabric for inter- and intra-domain AS, respectively. Experimental results show the system’s detection accuracy of 99.9875%, reduced complexity from O(N)+O(K) to O(S) characterization overhead. The proposed approach significantly reduces gas costs, achieving approximately 96.71–96.80% gas reduction compared to other blockchain-based approaches.