FlowTrApp: An SDN based architecture for DDoS attack detection and mitigation in data centers

摘要

Distributed Denial of Service attack (DDoS) is one of the severe security problems in data centers. In present times, data center operators adopt several hardware based dedicated measures for detection and mitigation of such attacks. It is a challenging task always to detect and mitigate DDoS attacks completely. Software Defined Network (SDN) provides a central control over the network which helps in getting the global view of the network. In this paper, we propose an SDN framework for data centers named FlowTrApp which performs DDoS detection and mitigation using some bounds on two per flow based traffic parameters i.e., flow rate and flow duration of a flow. It attempts to detect attack traffic ranging from low rate to high rate and long lived to short lived attacks using an SDN engine consisting of sFlow based flow analytics engine sFlow-RT and an OpenFlow controller. The proposed framework of FlowTrApp has been implemented in mininet emulator which outperforms an OpenFlow based QoS approach for DoS attack mitigation.