Detection and mitigation of UDP flooding attack in a multicontroller software defined network using secure flow management model

摘要

Software-Defined Networking (SDN) simplifies the network management and provides a way tovirtualize, configure, and manage the network infrastructure centrally. The central managementhas been exhibited by reinforcing an SDN controller, which separates the network dataplane from the control functions and is responsible for managing the flows. DistributedDenial-of-Service (DDoS) attacks are the most threatening issue among many security attacks,and it makes the services unavailable in a network. The flow management done by thecontroller is disrupted when one or more malicious host flood User Datagram Protocol (UDP)packets in the network, focusing on exhausting the bandwidth of the controller. It results indegrading the performance of the controller, leading to control plane saturation. A Secure FlowManagement model (SFM), which dynamically identifies and mitigates the UDP flooding attackin a multicontroller SDN has been proposed. The proposed model is a practically applicabledefense mechanism against volumetric attack, and it tries to secure the control plane bandwidth.The SFM has been experimented as an extension of the RYU controller and has exploited theattack under different traffic scenarios. Further, an analysis has been made on response timeand the CPU utilization taken by the controller to recover from the DoS attack.