SDNTruth: Innovative DDoS Detection Scheme for Software-Defined Networks (SDN)

Software-Defined Networks (SDN) are a trending technology in the modern Internet by splitting control and data planes and using a central controller. An SDN controller provides flexible flow management at wire-speed packet forwarding in the Internet. The centralized control allows to implement detection and mitigation of security attacks inside the SDN controller. Typically, Distributed Denial of Service (DDoS) attacks pose an immense threat to Internet security. However, the prediction and prevention of DDoS attacks in SDN environments are a huge challenge. In this paper, we introduce a mechanism to mitigate DDoS attacks in SDN using statistical analysis and traffic entropy. To validate the proposal, a prototype was built in the Mininet tool. The accuracy and training time were compared against different Machine Learning algorithms. Finally, we expound on the effectiveness and limitation of the proposed solution as well as show our research plans and further research opportunities.