by Yubaraj Gautam 1, Kazuhiko Sato 1, Bishnu Prasad Gautam 2,*
1 Division of Information and Electronic Engineering, Muroran Institute of Technology, Muroran, 050-0071, Japan
2 Department of Economic Informatics, Kanazawa Gakuen University, Kanazawa, 920-1392, Japan
* Author to whom correspondence should be addressed.
Journal of Engineering Research and Sciences, Volume 1, Issue 5, Page # 88-101, 2022; DOI: 10.55708/js0105010
Keywords: Software Defined Network, Flooding Attack, Layer Based Security Architecture
Received: 28 February 2022, Accepted: 27 April 2022, Published Online: 12 May 2022
JENRS
AMA Style
Chicago/Turabian Style
IEEE Style
Software-Defined Networking (SDN) is an emerging Network technology that can augment the data plane with control plane by using programming technique. However, there are a numbers of security challenges which are required to address to achieve secured communication. Flooding attack is one of the most common threats on the internet for the last decades which is becoming the challenging issues in SDN networks too. To address these issues, we proposed a novel firewall application developed based on the multiple stages of packets filtering technique to provide flooding attack prevention system and layer-based packets detection system. In this research, we are using two main stages to detect the flooding attack and mitigate the flooding packets. The first stage is to identify the attacks and, the second stage is to identify the attacker’s information and act them based on layer-based packet header entity. The system contains two security entities to identify the flooding attacks, one is by measuring the packet size, and the other is by counting the packets flow. We used the details of packets flow to control over the flow and to identify the attacks being occurred or not. Along with, to identify the attacker’s information, we used layers (layer 2 to layer 4) based packet header entities by using multi-table architecture. The proposed solution was tested for different attack scenarios and successfully reduced the flow of volume-based bulk-size flooding attack and infinite packets flooding attack in SDN network.
This sidebar is currently being updated and may temporarily overlap with the pages.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.