Open AccessAdaptive Suspicious Prevention for Defending DoS Attacks in SDN-Based Convergent Networks
Author(s) -
NhuNgoc Dao,
Joongheon Kim,
MinHo Park,
Sungrae Cho
Publication year - 2016
Publication title -
plos one
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.99
H-Index - 332
ISSN - 1932-6203
DOI - 10.1371/journal.pone.0160375
Subject(s) - openflow , computer science , software defined networking , denial of service attack , computer network , context (archaeology) , multiprotocol label switching , resilience (materials science) , protocol (science) , controller (irrigation) , networking hardware , vulnerability (computing) , enhanced data rates for gsm evolution , distributed computing , computer security , quality of service , the internet , telecommunications , medicine , paleontology , physics , alternative medicine , pathology , world wide web , agronomy , biology , thermodynamics
The convergent communication network will play an important role as a single platform to unify heterogeneous networks and integrate emerging technologies and existing legacy networks. Although there have been proposed many feasible solutions, they could not become convergent frameworks since they mainly focused on converting functions between various protocols and interfaces in edge networks, and handling functions for multiple services in core networks, e.g., the Multi-protocol Label Switching (MPLS) technique. Software-defined networking (SDN), on the other hand, is expected to be the ideal future for the convergent network since it can provide a controllable, dynamic, and cost-effective network. However, SDN has an original structural vulnerability behind a lot of advantages, which is the centralized control plane. As the brains of the network, a controller manages the whole network, which is attractive to attackers. In this context, we proposes a novel solution called adaptive suspicious prevention (ASP) mechanism to protect the controller from the Denial of Service (DoS) attacks that could incapacitate an SDN. The ASP is integrated with OpenFlow protocol to detect and prevent DoS attacks effectively. Our comprehensive experimental results show that the ASP enhances the resilience of an SDN network against DoS attacks by up to 38%.