Abstract:
Cloud computing is a recent technology that provides users with different
services from different platforms at any time and from anywhere over the
internet, without limitations. For cloud computing providing these services,
the most serious challenge is the DDoS attack, which interrupts an online
service by generating a high volume of malicious traffic; this is called a
flooding attack. Moreover, a DDoS attack consumes all the available network
resources, rendering legitimate users unable to access the services. To
tackle this problem, different research works have been done and proposed
to defeat this type of attack in traditional and SDN networks for cloud
computing systems.
In this thesis, we developed and investigated a pushback distributed defense
mechanism, or framework, against DDoS attacks in private as well as public
network domains. The defense system has three major components: traffic
monitoring with detection, attack identification, and traffic control. The
components are interdependent and work in a hierarchical fashion. The traffic
monitoring scheme monitors only high-rate outgoing flows at victim networks
and identifies the source of an attack in the network. Once the source of an
attack is identified, the traffic control daemon applies ingress filtering to
drop the packets belonging to these flows. Based on the rules implemented on
the controller, the rate-limiting mechanism limits the rate of incoming
traffic to the victim node and filters the traffic at its source network
controller. For a distributed DDoS attack, the controller at the malicious
source node's network sends a pushback request message to apply a rule to the
victim node controller.
The proposed framework is evaluated with different performance metrics to
analyze the detection rate of attack traffic, throughput, link bandwidth,
attack and legitimate traffic drop rates, and system resource consumption
during normal and attack states. The simulation model is designed and a
number of simulation experiments have been done on a Mininet virtual
network setup. The results demonstrate that the scheme is capable of
detecting flooding-based DDoS attacks, and that the pushback defense
framework can effectively mitigate attack traffic in order to sustain the
quality of service for legitimate traffic.