SecureSDN -- mitigating DDoS attacks in software defined networks

Abstract

Software Defined Networks (SDN) is a powerful paradigm that allows administrators to have a global view of the network and configure data flows using central controllers without the need to manually configure switches. As all new technologies, SDN can be used to mitigate known attacks, but it also has vulnerabilities that can be exploited. This project is interested in mitigating Distributed Denial of Service (DDoS) Attacks in SDN networks.DDoS attacks remain a great threat to the Internet. The recent years have witnessed an increasing variety on the types and increasing sizes of DDoS attacks. New attacks, called Application-Layer DDoS (AppDDoS), exploit application layer protocols (HTTP and SIP) instead of transport layer protocols (ICMP, UDP, TCP). Amplification Attacks (AmpDDoS) exploit the networking infrastructure (e.g, NTP servers) to carry out huge volume attacks (in the order of Gpbs). Finally, SDN-DDoS attacks have exploited SDN vulnerabilities to carry out new attacks in SDN.In this project, we will extend to SDN our methods for mitigating low-rate AppDDoS based on selective strategies developed in the scope of the project GT-ACTIONS together with our partner the RNP. Exploiting the fact that SDNs have a global view of the network, we can mitigate High-Rate AppDDoS attacks and AmpDDoS. On the other hand, by using selective strategies, we can mitigate SDN-DDoS that exploit SDN vulnerabilities such as Rule Inundation Attack. SecureSDN will propose, model, implement, simulate and validate in SDNs defenses using selective strategies. (AU)