International Journal on Advanced Science, Engineering and Information Technology, Vol. 8 (2018) No. 2, pages: 365-370, DOI:10.18517/ijaseit.8.2.5036

Improving DDoS Detection Accuracy Using Six-Sigma in SDN Environment

Achmad Khalif Hakim, Maman Abdurohman, Fazmah Arif Yulianto


This paper proposes the new method for improving the accuracy of detection of DDoS attacks on the SDN by utilizing control plane using Six-Sigma method. Software-Defined Networking (SDN) is a centralized network control system. This system offers flexibility on receiving, processing and forwarding packets between subnetworks. The centralized system of SDN, which separates control plane and data plan, has an immense number of advantages, but it also has the risk of becoming a single point of network failure. Distributed Denial of Service (DDoS) attack is the major issues faced in the security aspect of SDN. This attack can make network resources unreachable by the real packets. The widely known method has been implemented on SDN for avoiding a DDoS attack is Three-Sigma method. Three-Sigma method uses a threshold value to determine the existence of a DDoS attack. However, this method has drawbacks regarding accuracy in determining the DDoS attack. The main contribution of this paper is utilizing central control plane of SDN for improving accuracy on detecting the DDoS attack. Several experiments performed for proving the concept. The result shows the new method can improve the accuracy of detection of a DDoS attack, either in constant or fluctuating traffic, by reducing the false positive. The performance is about 50% more accurate than the previous method.


Software-Defined Networking (SDN); Distributed Denial of Service (DDoS); three-sigma; six-sigma

Viewed: 168 times (since Sept 4, 2017)

cite this paper     download