OPD: Network Packet Distribution after Achieving Equilibrium to Mitigate DDOS Attack

Crossfire Denial of Service (DDoS) is a new and organized type of attack to make the services of a target organization unavailable. The adversaries, in such attack, adveraremploy BOTs and decoy servers to flood critical links that are used to communicate with the target. In this paper, we propose an optimization framework, OPD (Optimized Packet Distributor), for distributing the packets in the most balanced way after a crossfire DDoS attack gets detected in a network. We formulate the network packet distribution problem as a non-linear link weight function and solved the optimization problem with a very efficient algorithm, Frank Wolf (FW). FW is the most efficient algorithm for solving convex set optimization problem. It achieves network equilibrium (or converges) with very few iterations. OPD will help the commonly used routing algorithm of Software Defined Network (SDN) by providing an optimized number of packets for each link. When a router sends a packet, it will follow the packet distribution proposed by OPD. We simulated a crossfire attack in NS2 simulator. The number of packets traveling in each link is collected for a given time frame from NS2. Based on this packet distribution, OPD proposes desired packet flows for the network. After evaluating the result of OPD, we have found that it can distribute the packets to the links that were less congested during the time of crossfire DDoS attack.