Sdn-Specific Ddos/Lddos And The Machine Learning Based Detection

Xiaofan Chen,Shunzheng Yu
2016-01-01
Abstract:We study two types of attacks particularly targeting SDN, i.e. controller-targeting DDoS and switch-targeting LDDoS (low-rate DDoS). Attackers of DDoS generate special packets to overload the bandwidth and computation resource of SDN controller. Attackers of LDDoS generate special packets periodically to overload the flow table of SDN switch. A new collaborative intrusion detection system is proposed in this paper to detect such attacks. It consists of cascaded two-level artificial neural networks which are distributed over the entire substrate of SDN. Each neural network disperses its computation power over the network that requires every participating switch to perform like a neuron. The first level neural networks discover the anomaly with a global view, while the second level one classifies the attacks based on their time pattern. Therefore, the system is robust without individual centralized targets and has a global view on the distributed attack without aggregating traffic over the network. Simulation results demonstrate its effectiveness.
What problem does this paper attempt to address?