Risk Assessment Method for Host Nodes in Software Defined Networking

Software Defined Networking (SDN) technology improves the flexibility and scalability of the network by separating the control plane from the data plane. However, because of its centralized control and other characteristics, the SDN controller has become the main target of attack and Distributed Denial of Service (DDoS) attack is one of the threats. Its large number of spoofed packets can take up the controlleru0027s resources, causing the controller to continuously process invalid traffic and run out of resources. Aiming at the DDoS attack in SDN, this paper proposes a risk assessment method for host nodes. First, we set up dangerous nodes in the topology, simulate the DDoS attack against them, and count the number of attacked events of each node. Then the risk coefficient of host nodes is calculated based on Beta distribution to make risk assessment. The experimental results show that our method can make a accurate risk assessment to the nodes, so that we can protect the high-risk nodes and improve the security of SDN.