Improving DDoS Detection Accuracy Using Six-Sigma in SDN Environment

Achmad Khalif Hakim (1), Maman Abdurohman (2), Fazmah Arif Yulianto (3)
(1) Telkom Indonesia Corp.
(2) Telkom University
(3) Telkom University
How to cite (IJASEIT):
Hakim, Achmad Khalif, et al. “Improving DDoS Detection Accuracy Using Six-Sigma in SDN Environment”. International Journal on Advanced Science, Engineering and Information Technology, vol. 8, no. 2, Mar. 2018, pp. 365-70, doi:10.18517/ijaseit.8.2.5036.
This paper proposes a new method for improving the accuracy of DDoS attack detection in Software-Defined Networking (SDN) by applying the Six-Sigma method at the control plane. SDN is a centralized network control system that offers flexibility in receiving, processing and forwarding packets between subnetworks. The centralized design of SDN, which separates the control plane from the data plane, has many advantages, but it also risks becoming a single point of network failure. Distributed Denial of Service (DDoS) attacks are a major security issue for SDN: such an attack can make network resources unreachable for legitimate packets. A widely known method implemented on SDN for avoiding DDoS attacks is the Three-Sigma method, which uses a threshold value to determine whether a DDoS attack is present. However, this method has drawbacks in the accuracy with which it identifies a DDoS attack. The main contribution of this paper is to use the central control plane of SDN to improve the accuracy of DDoS attack detection. Several experiments were performed to prove the concept. The results show that the new method improves the accuracy of DDoS attack detection, in both constant and fluctuating traffic, by reducing false positives. It is about 50% more accurate than the previous method.
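The threshold comparison described in the abstract, as an added example that is not code from the paper: a detector that flags a measurement window when its packet count exceeds mean + kσ of recent benign windows, run with k = 3 and k = 6 on constructed fluctuating traffic. The monitored statistic (packets per window at the controller), the sliding baseline and every name here are assumptions, since this page does not describe the paper's implementation.

```python
from collections import deque
from statistics import mean, pstdev

def sigma_detector(baseline, observed, k, window=10):
    """Flag windows whose packet count exceeds mean + k*sigma of recent benign windows.

    Returns the indices of `observed` that were flagged. Flagged windows are not
    fed back into the baseline, so an attack cannot raise its own threshold.
    """
    recent = deque(baseline, maxlen=window)
    flagged = []
    for i, count in enumerate(observed):
        threshold = mean(recent) + k * pstdev(recent)
        if count > threshold:
            flagged.append(i)
        else:
            recent.append(count)  # benign window: slide the baseline forward
    return flagged

def score(flagged, labels):
    """Compare flagged indices with ground-truth labels (True = attack window)."""
    flagged = set(flagged)
    tp = sum(1 for i, a in enumerate(labels) if a and i in flagged)
    fp = sum(1 for i, a in enumerate(labels) if not a and i in flagged)
    fn = sum(1 for i, a in enumerate(labels) if a and i not in flagged)
    return {"tp": tp, "fp": fp, "fn": fn}

# Constructed sample data (assumption): packets per measurement window at the controller.
BASELINE = [100, 104, 96, 102, 98, 101, 99, 103, 97, 100]
# Two benign bursts (109, 112) followed by two flood windows (450, 520).
OBSERVED = [101, 109, 98, 112, 104, 450, 520, 103]
LABELS = [False, False, False, False, False, True, True, False]

def compare():
    """Score the same traffic under a 3-sigma and a 6-sigma threshold."""
    return {k: score(sigma_detector(BASELINE, OBSERVED, k), LABELS) for k in (3, 6)}

if __name__ == "__main__":
    for k, result in compare().items():
        print(f"{k}-sigma: {result}")
```

A wider band also raises the smallest rate that can be flagged, so the chosen k should be checked against the slowest flood the deployment needs to catch.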
