Premium
Throttle: An efficient approach to mitigate distributed denial of service attacks on software‐defined networks
Author(s) -
Olakanmi Oladayo Olufemi,
Odeyemi Kehinde Oluwasesan
Publication year - 2021
Publication title -
security and privacy
Language(s) - English
Resource type - Journals
ISSN - 2475-6725
DOI - 10.1002/spy2.158
Subject(s) - denial of service attack , computer science , host (biology) , scheme (mathematics) , distributed computing , computer security , computer network , bandwidth throttling , application layer ddos attack , the internet , engineering , operating system , mechanical engineering , ecology , mathematical analysis , mathematics , gas compressor , biology
Abstract Recently, different approaches such as statistical methods, genetic algorithm, hidden Markov, fuzzy logic, and blockchain have been adopted to detect and prevent distributed denial of services (DDoS) on software‐defined networks. However, most of these methods are not only complex but are also not adaptive, therefore adversaries with high computational resources can successfully launch DDoS attacks. In this work, we propose a security scheme capable of detecting DDoS attacks and throttling down traffics coming from the suspected hosts irrespective of their computational power. To achieve this, we develop three essential models for the scheme for predicting the volume of traffics from different hosts, determining the processing load of the network, and throttling down traffics from the suspicious hosts. We also develop a time tracking digital signature for determining the traffic pattern and sources of traffics. The simulation results show that the scheme is adaptive, efficient, and capable of detecting identity theft and resource exhaustion‐based DDoS attacks without denying services to a legitimate host.