Next Article in Journal
Matrix-Based Method for Inferring Elements in Data Attributes Using a Vector Space Model
Previous Article in Journal
Hybrid LSTM Neural Network for Short-Term Traffic Flow Prediction
Article Menu

Export Article

Open AccessArticle
Information 2019, 10(3), 106; https://doi.org/10.3390/info10030106

SDN-Based Intrusion Detection System for Early Detection and Mitigation of DDoS Attacks

1
Department of Information Science and Technology, School of Technology and Architecture, ISCTE—Instituto Universitário de Lisboa, 1649-026 Lisbon, Portugal
2
Instituto de Telecomunicações (IT), ISCTE—Instituto Universitário de Lisboa, 1649-026 Lisbon, Portugal
3
Information Sciences, Technologies and Architecture Research Center (ISTAR-IUL), ISCTE—Instituto Universitário de Lisboa, 1649-026 Lisbon, Portugal
*
Author to whom correspondence should be addressed.
Received: 18 January 2019 / Revised: 27 February 2019 / Accepted: 4 March 2019 / Published: 8 March 2019
(This article belongs to the Special Issue Insider Attacks)
Full-Text   |   PDF [8869 KB, uploaded 8 March 2019]   |  
  |   Review Reports

Abstract

The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that try to explore those security weaknesses. We design and implement a Software-Defined Intrusion Detection System (IDS) that reactively impairs the attacks at its origin, ensuring the “normal operation” of the network infrastructure. Our proposal includes an IDS that automatically detects several DDoS attacks, and then as an attack is detected, it notifies a Software Defined Networking (SDN) controller. The current proposal also downloads some convenient traffic forwarding decisions from the SDN controller to network devices. The evaluation results suggest that our proposal timely detects several types of cyber-attacks based on DDoS, mitigates their negative impacts on the network performance, and ensures the correct data delivery of normal traffic. Our work sheds light on the programming relevance over an abstracted view of the network infrastructure to timely detect a Botnet exploitation, mitigate malicious traffic at its source, and protect benign traffic. View Full-Text
Keywords: SDN; DDoS; IDS; mirroring; OpenFlow; botnet SDN; DDoS; IDS; mirroring; OpenFlow; botnet
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).
SciFeed

Share & Cite This Article

MDPI and ACS Style

Manso, P.; Moura, J.; Serrão, C. SDN-Based Intrusion Detection System for Early Detection and Mitigation of DDoS Attacks. Information 2019, 10, 106.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Information EISSN 2078-2489 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top