SlideShare ist ein Scribd-Unternehmen logo

Time-based DDoS Detection and Mitigation for SDN Controller

•Als PPTX, PDF herunterladen•
•
Lippo Group Digital
Lippo Group Digital

Poster apnoms2015 [Conference, Busan Sout Korea]

Ingenieurwesen
1 von 1
Time-based DDoS Detection and Mitigation for SDN Controller I Gde Dharma N., M. Fiqri Muthohar, Alvin Prayuda J. D., Priagung K., Deokjai Choi School of Electronics and Computer Engineering Chonnam National University Gwangju, South Korea gdebig@gmail.com, fiqri.muthohar@gmail.com, alvinprayuda@gmail.com, priagung.123@gmail.com, dchoi@jnu.ac.kr Introduction DDoS Attack Scenario • Software Defined Network (SDN) is a new paradigm network management that decouples control plane and data plan. • The control plane is usually called as the controller. Controller in SDN dictates the overall network behavior. Data plane is the network devices that act as simple packet forwarder. • From the security point of view, SDN introduces a new single point of failure. Since the controller is the main brain in the network, the performance of the network depends on it. If the controller is down or unreachable, the overall networks will collapse. • One of the attack methods that can be used to attack SDN controller is DDoS attack. DDoS attack also has many methods to overwhelm the resource of Controller. • DDoS attack sends a large number of packets in a certain time. The malicious packets that used for DDoS attack have the same destination and port addresses. • This packet also has a typical size that different with the legitimate packet. This characteristic has been studied in many papers to propose the detection and mitigation methods for DDoS attack. • However, the time duration of DDoS attack is rarely used. Research Objective • First, learns the potential vulnerabilities of SDN Controller operation that can be exploited for DDoS attack. • Explore the time characteristic of DDoS attack for SDN Controller. • Develop the method for DDoS attack detection and mitigation for SDN Controller. SDN Operation and DDoS Attack • SDN Controller basic operation is shown in the figure 1. • OpenFlow Protocol is widely used in current SDN. OpenFlow is responsible for the communication between OpenFlow Controller and OpenFlow Switch through the secure channel. • DDoS Attack exploit the size limitation of flow tables in SDN Controller. • This attack needs time to achieve high rate malicious packet. DDoS attacker also sometimes uses a periodic attack that held in certain time. This time characteristic of DDoS attack can be used to in detection method to increase the detection time before the DDoS attack achieve its goal. • Figure 2 shows the scenario of DDoS Attack that used in this research. Proposed DDoS Detect Method • The objective of the method is to detect and mitigate DDoS attack on SDN Controller. • This method not only considers the destination address for detection but also the time needed to achieve high rate traffic and time attack pattern of DDoS attack. • Time duration is used to detect the DDoS attack and time attack pattern is used to prevent DDoS attack in the future. • Assume 𝑃𝑛𝑣 is the number of non-valid packet that coming to flow control, t is time window, R is the volume of non-valid packet per time window, our method can be formulized as follow: 𝑅 = lim ∆𝑡→0 ∆𝑃𝑛𝑣 ∆𝑡 • The architecture of the proposed solution can be seen in figure 3. Evaluation Design • To evaluate our proposed method, we will investigate system resource usage (CPU, the number of flow entries) in SDN Controller and OpenFlow Switch. • To measure the detection performance, we use Detection Rate measurement (DR) and False Alarm rate (FA) Conclusion and Future Work This paper reports our ongoing effort on developing detection and mitigation method of DDoS attack on SDN controller. We have described the basic operation of SDN controller. We also have analyzed the potential vulnerabilities in SDN controller that can be exploited for DDoS attack. This method not only consider the malicious packet to detect DDoS attack, also consider time characteristic of DDoS attack. We also investigate the pattern of time DDoS attack for preventing DDoS attack in the future. In this paper, we have described our experiment scenario and also how to evaluate the performance of our method. For future work, we will investigate the better threshold for DDoS attack detection. We also will study deeper to cluster time pattern of DDoS attack. The goal is to find the best algorithm for clusters the DDoS attack time. Then, we will evaluate our proposed method in a simulation environment to find out the performance of our method based on our experimental plan.

Empfohlen

Entropy based DDos Detection in SDN
Entropy based DDos Detection in SDNEntropy based DDos Detection in SDN
Entropy based DDos Detection in SDNVishal Vasudev
 
DDoS Attack Detection & Mitigation in SDN
DDoS Attack Detection & Mitigation in SDNDDoS Attack Detection & Mitigation in SDN
DDoS Attack Detection & Mitigation in SDNChao Chen
 
DDoS Attack Preparation and Mitigation
DDoS Attack Preparation and MitigationDDoS Attack Preparation and Mitigation
DDoS Attack Preparation and MitigationJerod Brennen
 
Practical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksPractical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksSecurity Session
 
DDoS Attack
DDoS AttackDDoS Attack
DDoS AttackGopi Krishnan S
 
Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)btpsec
 
DDoS attacks
DDoS attacksDDoS attacks
DDoS attacksCh Anas Irshad
 
DDoS-bdNOG
DDoS-bdNOGDDoS-bdNOG
DDoS-bdNOGZobair Khan
 

Empfohlen

Entropy based DDos Detection in SDN
Entropy based DDos Detection in SDNEntropy based DDos Detection in SDN
Entropy based DDos Detection in SDNVishal Vasudev
 
DDoS Attack Detection & Mitigation in SDN
DDoS Attack Detection & Mitigation in SDNDDoS Attack Detection & Mitigation in SDN
DDoS Attack Detection & Mitigation in SDNChao Chen
 
DDoS Attack Preparation and Mitigation
DDoS Attack Preparation and MitigationDDoS Attack Preparation and Mitigation
DDoS Attack Preparation and MitigationJerod Brennen
 
Practical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksPractical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksSecurity Session
 
DDoS Attack
DDoS AttackDDoS Attack
DDoS AttackGopi Krishnan S
 
Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)btpsec
 
DDoS attacks
DDoS attacksDDoS attacks
DDoS attacksCh Anas Irshad
 
DDoS-bdNOG
DDoS-bdNOGDDoS-bdNOG
DDoS-bdNOGZobair Khan
 
Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...
Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/... Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...
Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...Suhail Khan
 
DDoS ATTACKS
DDoS ATTACKSDDoS ATTACKS
DDoS ATTACKSAnil Antony
 
Entropy and denial of service attacks
Entropy and denial of service attacksEntropy and denial of service attacks
Entropy and denial of service attackschris zlatis
 
1766 1770
1766 17701766 1770
1766 1770Editor IJARCET
 
Type of DDoS attacks with hping3 example
Type of DDoS attacks with hping3 exampleType of DDoS attacks with hping3 example
Type of DDoS attacks with hping3 exampleHimani Singh
 
10 DDoS Mitigation Techniques
10 DDoS Mitigation Techniques10 DDoS Mitigation Techniques
10 DDoS Mitigation TechniquesIntruGuard
 
DDoS Attack and Mitigation
DDoS Attack and MitigationDDoS Attack and Mitigation
DDoS Attack and MitigationDevang Badrakiya
 
Ddos and mitigation methods.pptx
Ddos and mitigation methods.pptxDdos and mitigation methods.pptx
Ddos and mitigation methods.pptxOzkan E
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackAhmed Ghazey
 
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...ShortestPathFirst
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackKaustubh Padwad
 
DDoS Attacks
DDoS AttacksDDoS Attacks
DDoS AttacksJignesh Patel
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningeSAT Publishing House
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionAPNIC
 
Ddos- distributed denial of service
Ddos- distributed denial of service Ddos- distributed denial of service
Ddos- distributed denial of service laxmi chandolia
 
DDoS Attack on DNS using infected IoT Devices
DDoS Attack on DNS using infected IoT DevicesDDoS Attack on DNS using infected IoT Devices
DDoS Attack on DNS using infected IoT DevicesSeungjoo Kim
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKSShaurya Gogia
 
Rise of Dr Dos DDoS Attacks - Infographic
Rise of Dr Dos DDoS Attacks - InfographicRise of Dr Dos DDoS Attacks - Infographic
Rise of Dr Dos DDoS Attacks - InfographicState of the Internet
 
Aw36294299
Aw36294299Aw36294299
Aw36294299IJERA Editor
 
Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...
Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...
Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...APNIC
 
cybersecuritydosattackUsingNS2[111].pptx
cybersecuritydosattackUsingNS2[111].pptxcybersecuritydosattackUsingNS2[111].pptx
cybersecuritydosattackUsingNS2[111].pptxharisbs369
 
DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...
DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...
DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...IJCNCJournal
 

Weitere ähnliche Inhalte

Was ist angesagt?

Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...
Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/... Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...
Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...Suhail Khan
 
DDoS ATTACKS
DDoS ATTACKSDDoS ATTACKS
DDoS ATTACKSAnil Antony
 
Entropy and denial of service attacks
Entropy and denial of service attacksEntropy and denial of service attacks
Entropy and denial of service attackschris zlatis
 
Type of DDoS attacks with hping3 example
Type of DDoS attacks with hping3 exampleType of DDoS attacks with hping3 example
Type of DDoS attacks with hping3 exampleHimani Singh
 
10 DDoS Mitigation Techniques
10 DDoS Mitigation Techniques10 DDoS Mitigation Techniques
10 DDoS Mitigation TechniquesIntruGuard
 
DDoS Attack and Mitigation
DDoS Attack and MitigationDDoS Attack and Mitigation
DDoS Attack and MitigationDevang Badrakiya
 
Ddos and mitigation methods.pptx
Ddos and mitigation methods.pptxDdos and mitigation methods.pptx
Ddos and mitigation methods.pptxOzkan E
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackAhmed Ghazey
 
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...ShortestPathFirst
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackKaustubh Padwad
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningeSAT Publishing House
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionAPNIC
 
Ddos- distributed denial of service
Ddos- distributed denial of service Ddos- distributed denial of service
Ddos- distributed denial of service laxmi chandolia
 
DDoS Attack on DNS using infected IoT Devices
DDoS Attack on DNS using infected IoT DevicesDDoS Attack on DNS using infected IoT Devices
DDoS Attack on DNS using infected IoT DevicesSeungjoo Kim
 
Rise of Dr Dos DDoS Attacks - Infographic
Rise of Dr Dos DDoS Attacks - InfographicRise of Dr Dos DDoS Attacks - Infographic
Rise of Dr Dos DDoS Attacks - InfographicState of the Internet
 
Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...
Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...
Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...APNIC
 

Was ist angesagt? (20)

Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...
Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/... Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...
Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...
 
DDoS ATTACKS
DDoS ATTACKSDDoS ATTACKS
DDoS ATTACKS
 
Entropy and denial of service attacks
Entropy and denial of service attacksEntropy and denial of service attacks
Entropy and denial of service attacks
 
1766 1770
1766 17701766 1770
1766 1770
 
Type of DDoS attacks with hping3 example
Type of DDoS attacks with hping3 exampleType of DDoS attacks with hping3 example
Type of DDoS attacks with hping3 example
 
10 DDoS Mitigation Techniques
10 DDoS Mitigation Techniques10 DDoS Mitigation Techniques
10 DDoS Mitigation Techniques
 
DDoS Attack and Mitigation
DDoS Attack and MitigationDDoS Attack and Mitigation
DDoS Attack and Mitigation
 
Ddos and mitigation methods.pptx
Ddos and mitigation methods.pptxDdos and mitigation methods.pptx
Ddos and mitigation methods.pptx
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
 
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
 
DDoS Attacks
DDoS AttacksDDoS Attacks
DDoS Attacks
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learning
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack Prevention
 
Ddos- distributed denial of service
Ddos- distributed denial of service Ddos- distributed denial of service
Ddos- distributed denial of service
 
DDoS Attack on DNS using infected IoT Devices
DDoS Attack on DNS using infected IoT DevicesDDoS Attack on DNS using infected IoT Devices
DDoS Attack on DNS using infected IoT Devices
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKS
 
Rise of Dr Dos DDoS Attacks - Infographic
Rise of Dr Dos DDoS Attacks - InfographicRise of Dr Dos DDoS Attacks - Infographic
Rise of Dr Dos DDoS Attacks - Infographic
 
Aw36294299
Aw36294299Aw36294299
Aw36294299
 
Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...
Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...
Water Torture: A Slow Drip DNS DDoS Attack on QTNet by Kei Nishida [APRICOT 2...
 

Ähnlich wie Time-based DDoS Detection and Mitigation for SDN Controller

cybersecuritydosattackUsingNS2[111].pptx
cybersecuritydosattackUsingNS2[111].pptxcybersecuritydosattackUsingNS2[111].pptx
cybersecuritydosattackUsingNS2[111].pptxharisbs369
 
DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...
DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...
DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...IJCNCJournal
 
DDoS Attacks Detection using Dynamic Entropy in Software-Defined Network Prac...
DDoS Attacks Detection using Dynamic Entropy in Software-Defined Network Prac...DDoS Attacks Detection using Dynamic Entropy in Software-Defined Network Prac...
DDoS Attacks Detection using Dynamic Entropy in Software-Defined Network Prac...IJCNCJournal
 
An intelligent system to detect slow denial of service attacks in software-de...
An intelligent system to detect slow denial of service attacks in software-de...An intelligent system to detect slow denial of service attacks in software-de...
An intelligent system to detect slow denial of service attacks in software-de...IJECEIAES
 
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEA MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEIJNSA Journal
 
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEA MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEIJNSA Journal
 
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEA MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEIJNSA Journal
 
IRJET- HHH- A Hyped-up Handling of Hadoop based SAMR-MST for DDOS Attacks...
IRJET- HHH- A Hyped-up Handling of Hadoop based SAMR-MST for DDOS Attacks...IRJET- HHH- A Hyped-up Handling of Hadoop based SAMR-MST for DDOS Attacks...
IRJET- HHH- A Hyped-up Handling of Hadoop based SAMR-MST for DDOS Attacks...IRJET Journal
 
IRJET- Detection of Distributed Denial-of-Service (DDos) Attack on Software D...
IRJET- Detection of Distributed Denial-of-Service (DDos) Attack on Software D...IRJET- Detection of Distributed Denial-of-Service (DDos) Attack on Software D...
IRJET- Detection of Distributed Denial-of-Service (DDos) Attack on Software D...IRJET Journal
 
DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED ME...
DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED ME...DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED ME...
DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED ME...cscpconf
 
APPLICATION-LAYER DDOS DETECTION BASED ON A ONE-CLASS SUPPORT VECTOR MACHINE
APPLICATION-LAYER DDOS DETECTION BASED ON A ONE-CLASS SUPPORT VECTOR MACHINEAPPLICATION-LAYER DDOS DETECTION BASED ON A ONE-CLASS SUPPORT VECTOR MACHINE
APPLICATION-LAYER DDOS DETECTION BASED ON A ONE-CLASS SUPPORT VECTOR MACHINEIJNSA Journal
 
Efficient ddos attacks security scheme using asvs
Efficient ddos attacks security scheme using asvsEfficient ddos attacks security scheme using asvs
Efficient ddos attacks security scheme using asvseSAT Publishing House
 
Efficient ddos attacks security scheme using asvs
Efficient ddos attacks security scheme using asvsEfficient ddos attacks security scheme using asvs
Efficient ddos attacks security scheme using asvseSAT Journals
 
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...IJECEIAES
 
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET Journal
 
network attacks
network attacks network attacks
network attacks MuskanSony
 
Study of flooding based ddos attacks and their effect using deter testbed
Study of flooding based ddos attacks and their effect using deter testbedStudy of flooding based ddos attacks and their effect using deter testbed
Study of flooding based ddos attacks and their effect using deter testbedeSAT Journals
 
Study of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedStudy of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedeSAT Publishing House
 
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMS
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMSA SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMS
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMSIJNSA Journal
 
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMS
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMSA SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMS
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMSIJNSA Journal
 

Ähnlich wie Time-based DDoS Detection and Mitigation for SDN Controller (20)

cybersecuritydosattackUsingNS2[111].pptx
cybersecuritydosattackUsingNS2[111].pptxcybersecuritydosattackUsingNS2[111].pptx
cybersecuritydosattackUsingNS2[111].pptx
 
DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...
DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...
DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY INSOFTWARE-DEFINED NETWORK PRACT...
 
DDoS Attacks Detection using Dynamic Entropy in Software-Defined Network Prac...
DDoS Attacks Detection using Dynamic Entropy in Software-Defined Network Prac...DDoS Attacks Detection using Dynamic Entropy in Software-Defined Network Prac...
DDoS Attacks Detection using Dynamic Entropy in Software-Defined Network Prac...
 
An intelligent system to detect slow denial of service attacks in software-de...
An intelligent system to detect slow denial of service attacks in software-de...An intelligent system to detect slow denial of service attacks in software-de...
An intelligent system to detect slow denial of service attacks in software-de...
 
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEA MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
 
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEA MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
 
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUEA MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE
 
IRJET- HHH- A Hyped-up Handling of Hadoop based SAMR-MST for DDOS Attacks...
IRJET- HHH- A Hyped-up Handling of Hadoop based SAMR-MST for DDOS Attacks...IRJET- HHH- A Hyped-up Handling of Hadoop based SAMR-MST for DDOS Attacks...
IRJET- HHH- A Hyped-up Handling of Hadoop based SAMR-MST for DDOS Attacks...
 
IRJET- Detection of Distributed Denial-of-Service (DDos) Attack on Software D...
IRJET- Detection of Distributed Denial-of-Service (DDos) Attack on Software D...IRJET- Detection of Distributed Denial-of-Service (DDos) Attack on Software D...
IRJET- Detection of Distributed Denial-of-Service (DDos) Attack on Software D...
 
DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED ME...
DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED ME...DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED ME...
DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED ME...
 
APPLICATION-LAYER DDOS DETECTION BASED ON A ONE-CLASS SUPPORT VECTOR MACHINE
APPLICATION-LAYER DDOS DETECTION BASED ON A ONE-CLASS SUPPORT VECTOR MACHINEAPPLICATION-LAYER DDOS DETECTION BASED ON A ONE-CLASS SUPPORT VECTOR MACHINE
APPLICATION-LAYER DDOS DETECTION BASED ON A ONE-CLASS SUPPORT VECTOR MACHINE
 
Efficient ddos attacks security scheme using asvs
Efficient ddos attacks security scheme using asvsEfficient ddos attacks security scheme using asvs
Efficient ddos attacks security scheme using asvs
 
Efficient ddos attacks security scheme using asvs
Efficient ddos attacks security scheme using asvsEfficient ddos attacks security scheme using asvs
Efficient ddos attacks security scheme using asvs
 
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...
 
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
 
network attacks
network attacks network attacks
network attacks
 
Study of flooding based ddos attacks and their effect using deter testbed
Study of flooding based ddos attacks and their effect using deter testbedStudy of flooding based ddos attacks and their effect using deter testbed
Study of flooding based ddos attacks and their effect using deter testbed
 
Study of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedStudy of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbed
 
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMS
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMSA SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMS
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMS
 
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMS
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMSA SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMS
A SYSTEM FOR VALIDATING AND COMPARING HOST-BASED DDOS DETECTION MECHANISMS
 

Mehr von Lippo Group Digital

Behavior-Based Authentication System Based on Smartphone Life-Logs Data
Behavior-Based Authentication System Based on Smartphone Life-Logs DataBehavior-Based Authentication System Based on Smartphone Life-Logs Data
Behavior-Based Authentication System Based on Smartphone Life-Logs DataLippo Group Digital
 
The Cognitive Net is Coming
The Cognitive Net is ComingThe Cognitive Net is Coming
The Cognitive Net is ComingLippo Group Digital
 
The future internet web 3.0
The future internet web 3.0The future internet web 3.0
The future internet web 3.0Lippo Group Digital
 
A web based iptv content syndication system for personalized content guide
A web based iptv content syndication system for personalized content guideA web based iptv content syndication system for personalized content guide
A web based iptv content syndication system for personalized content guideLippo Group Digital
 
Caching in Information Centric Network (ICN)
Caching in Information Centric Network (ICN)Caching in Information Centric Network (ICN)
Caching in Information Centric Network (ICN)Lippo Group Digital
 
Decision tree and random forest
Decision tree and random forestDecision tree and random forest
Decision tree and random forestLippo Group Digital
 
Profiler for Smartphone Users Interests Using Modified Hierarchical Agglomera...
Profiler for Smartphone Users Interests Using Modified Hierarchical Agglomera...Profiler for Smartphone Users Interests Using Modified Hierarchical Agglomera...
Profiler for Smartphone Users Interests Using Modified Hierarchical Agglomera...Lippo Group Digital
 
Analisis performa kecepatan mapreduce pada hadoop menggunakan tcp packet flow...
Analisis performa kecepatan mapreduce pada hadoop menggunakan tcp packet flow...Analisis performa kecepatan mapreduce pada hadoop menggunakan tcp packet flow...
Analisis performa kecepatan mapreduce pada hadoop menggunakan tcp packet flow...Lippo Group Digital
 
Analisa pengaruh block size pada hdfs terhadap kecepatan
Analisa pengaruh block size pada hdfs terhadap kecepatanAnalisa pengaruh block size pada hdfs terhadap kecepatan
Analisa pengaruh block size pada hdfs terhadap kecepatanLippo Group Digital
 

Mehr von Lippo Group Digital (13)

Behavior-Based Authentication System Based on Smartphone Life-Logs Data
Behavior-Based Authentication System Based on Smartphone Life-Logs DataBehavior-Based Authentication System Based on Smartphone Life-Logs Data
Behavior-Based Authentication System Based on Smartphone Life-Logs Data
 
Domain specific IoT
Domain specific IoTDomain specific IoT
Domain specific IoT
 
Feature Selection
Feature Selection Feature Selection
Feature Selection
 
Fall detection
Fall detectionFall detection
Fall detection
 
The Cognitive Net is Coming
The Cognitive Net is ComingThe Cognitive Net is Coming
The Cognitive Net is Coming
 
The future internet web 3.0
The future internet web 3.0The future internet web 3.0
The future internet web 3.0
 
A web based iptv content syndication system for personalized content guide
A web based iptv content syndication system for personalized content guideA web based iptv content syndication system for personalized content guide
A web based iptv content syndication system for personalized content guide
 
Distance function
Distance functionDistance function
Distance function
 
Caching in Information Centric Network (ICN)
Caching in Information Centric Network (ICN)Caching in Information Centric Network (ICN)
Caching in Information Centric Network (ICN)
 
Decision tree and random forest
Decision tree and random forestDecision tree and random forest
Decision tree and random forest
 
Profiler for Smartphone Users Interests Using Modified Hierarchical Agglomera...
Profiler for Smartphone Users Interests Using Modified Hierarchical Agglomera...Profiler for Smartphone Users Interests Using Modified Hierarchical Agglomera...
Profiler for Smartphone Users Interests Using Modified Hierarchical Agglomera...
 
Analisis performa kecepatan mapreduce pada hadoop menggunakan tcp packet flow...
Analisis performa kecepatan mapreduce pada hadoop menggunakan tcp packet flow...Analisis performa kecepatan mapreduce pada hadoop menggunakan tcp packet flow...
Analisis performa kecepatan mapreduce pada hadoop menggunakan tcp packet flow...
 
Analisa pengaruh block size pada hdfs terhadap kecepatan
Analisa pengaruh block size pada hdfs terhadap kecepatanAnalisa pengaruh block size pada hdfs terhadap kecepatan
Analisa pengaruh block size pada hdfs terhadap kecepatan
 

KĂźrzlich hochgeladen

Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvLewisJB
 
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsyncWhy does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsyncssuser2ae721
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...121011101441
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionDr.Costas Sachpazis
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxPoojaBan
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfAsst.prof M.Gokilavani
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxDeepakSakkari2
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...asadnawaz62
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .Satyam Kumar
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
Study on Air-Water & Water-Water Heat Exchange in a Finned ďťżTube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned ďťżTube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned ďťżTube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned ďťżTube ExchangerAnamika Sarkar
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfme23b1001
 
TechTACÂŽ CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTACÂŽ CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTACÂŽ CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTACÂŽ CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catcherssdickerson1
 

KĂźrzlich hochgeladen (20)

Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvv
 
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsyncWhy does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
 
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 
Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptx
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
Study on Air-Water & Water-Water Heat Exchange in a Finned ďťżTube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned ďťżTube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned ďťżTube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned ďťżTube Exchanger
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdf
 
TechTACÂŽ CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTACÂŽ CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTACÂŽ CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTACÂŽ CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
 

Time-based DDoS Detection and Mitigation for SDN Controller

  • 1. Time-based DDoS Detection and Mitigation for SDN Controller I Gde Dharma N., M. Fiqri Muthohar, Alvin Prayuda J. D., Priagung K., Deokjai Choi School of Electronics and Computer Engineering Chonnam National University Gwangju, South Korea gdebig@gmail.com, fiqri.muthohar@gmail.com, alvinprayuda@gmail.com, priagung.123@gmail.com, dchoi@jnu.ac.kr Introduction DDoS Attack Scenario • Software Defined Network (SDN) is a new paradigm network management that decouples control plane and data plan. • The control plane is usually called as the controller. Controller in SDN dictates the overall network behavior. Data plane is the network devices that act as simple packet forwarder. • From the security point of view, SDN introduces a new single point of failure. Since the controller is the main brain in the network, the performance of the network depends on it. If the controller is down or unreachable, the overall networks will collapse. • One of the attack methods that can be used to attack SDN controller is DDoS attack. DDoS attack also has many methods to overwhelm the resource of Controller. • DDoS attack sends a large number of packets in a certain time. The malicious packets that used for DDoS attack have the same destination and port addresses. • This packet also has a typical size that different with the legitimate packet. This characteristic has been studied in many papers to propose the detection and mitigation methods for DDoS attack. • However, the time duration of DDoS attack is rarely used. Research Objective • First, learns the potential vulnerabilities of SDN Controller operation that can be exploited for DDoS attack. • Explore the time characteristic of DDoS attack for SDN Controller. • Develop the method for DDoS attack detection and mitigation for SDN Controller. SDN Operation and DDoS Attack • SDN Controller basic operation is shown in the figure 1. • OpenFlow Protocol is widely used in current SDN. OpenFlow is responsible for the communication between OpenFlow Controller and OpenFlow Switch through the secure channel. • DDoS Attack exploit the size limitation of flow tables in SDN Controller. • This attack needs time to achieve high rate malicious packet. DDoS attacker also sometimes uses a periodic attack that held in certain time. This time characteristic of DDoS attack can be used to in detection method to increase the detection time before the DDoS attack achieve its goal. • Figure 2 shows the scenario of DDoS Attack that used in this research. Proposed DDoS Detect Method • The objective of the method is to detect and mitigate DDoS attack on SDN Controller. • This method not only considers the destination address for detection but also the time needed to achieve high rate traffic and time attack pattern of DDoS attack. • Time duration is used to detect the DDoS attack and time attack pattern is used to prevent DDoS attack in the future. • Assume 𝑃𝑛𝑣 is the number of non-valid packet that coming to flow control, t is time window, R is the volume of non-valid packet per time window, our method can be formulized as follow: 𝑅 = lim ∆𝑡→0 ∆𝑃𝑛𝑣 ∆𝑡 • The architecture of the proposed solution can be seen in figure 3. Evaluation Design • To evaluate our proposed method, we will investigate system resource usage (CPU, the number of flow entries) in SDN Controller and OpenFlow Switch. • To measure the detection performance, we use Detection Rate measurement (DR) and False Alarm rate (FA) Conclusion and Future Work This paper reports our ongoing effort on developing detection and mitigation method of DDoS attack on SDN controller. We have described the basic operation of SDN controller. We also have analyzed the potential vulnerabilities in SDN controller that can be exploited for DDoS attack. This method not only consider the malicious packet to detect DDoS attack, also consider time characteristic of DDoS attack. We also investigate the pattern of time DDoS attack for preventing DDoS attack in the future. In this paper, we have described our experiment scenario and also how to evaluate the performance of our method. For future work, we will investigate the better threshold for DDoS attack detection. We also will study deeper to cluster time pattern of DDoS attack. The goal is to find the best algorithm for clusters the DDoS attack time. Then, we will evaluate our proposed method in a simulation environment to find out the performance of our method based on our experimental plan.