An Efficient IDS Framework for DDoS Attacks in SDN Environment

Varghese, Josy Elsa and Muniyal, Balachandra (2021) An Efficient IDS Framework for DDoS Attacks in SDN Environment. IEEE Access, 9. pp. 69680-69699. ISSN 2169-3536

[img] PDF
12348.pdf - Published Version
Restricted to Registered users only

Download (6MB) | Request a copy

Abstract

T The rapid usage of the Internet for the last few decades has lead to the deployment of high-speed networks in commercial and educational institutions. As network traffic is increasing, security challenges are also increasing in the high-speed network. Although the Intrusion Detection System (IDS) has a significant role in spotting potential attacks, the heavy traffic flow causes severe technical challenges relating to monitoring and detecting the network activities. Moreover, the devastating nature of the Distributed Denial�of-Service (DDoS) attack draws out as a significant cyber-attack regardless of the emergence of Software Defined Network (SDN) architecture. This paper proposes a novel framework to address the performance issues of IDS and the design issues of SDN about DDoS attacks by incorporating intelligence in the data layer using Data Plane Development Kit (DPDK) in the SDN architecture. This novel framework is named as DPDK based DDoS Detection (D3) framework, since DPDK provides fast packet processing and monitoring in the data plane. Moreover, the statistical anomaly detection algorithm implemented in the data plane as Virtual Network Function (VNF) using DPDK offers fast detection of DDoS attacks. The experimental results of the D3 framework guarantee both efficiency and effect of the novel IDS framework. The publicly available CIC DoS datasets also ensure the detection effect of a single statistical anomaly detection algorithm against the DDoS attack

Item Type: Article
Uncontrolled Keywords: Data plane development kit (DPDK), denial of service attack (DoS), DPDK based DoS detection (D3) framework, high-speed network, intrusion detection system (IDS), software defined network (SDN), virtual network function (VNF)
Subjects: Engineering > MIT Manipal > Information and Communication Technology
Depositing User: MIT Library
Date Deposited: 15 Jul 2021 07:15
Last Modified: 15 Jul 2021 07:15
URI: http://eprints.manipal.edu/id/eprint/156974

Actions (login required)

View Item View Item