Detecting and Mitigating Distributed Denial of Service Attacks in Software-Defined Networking

Distributed denial of service (DDoS) attacks are common network attacks that primarily target Internet of Things (IoT) devices. They are critical for emerging wireless services, especially for applications with limited latency. DDoS attacks pose significant risks to entrepreneurial businesses, preventing legitimate customers from accessing their websites. These attacks require intelligent analytics before processing service requests. Distributed denial of service (DDoS) attacks exploit vulnerabilities in IoT devices by launching multi-point distributed attacks. These attacks generate massive traffic that overwhelms the victim’s network, disrupting normal operations. The consequences of distributed denial of service (DDoS) attacks are typically more severe in software-defined networks (SDNs) than in traditional networks. The centralised architecture of these networks can exacerbate existing vulnerabilities, as these weaknesses may not be effectively addressed in this model. The preliminary objective for detecting and mitigating distributed denial of service (DDoS) attacks in software-defined networks (SDN) is to monitor traffic patterns and identify anomalies that indicate distributed denial of service (DDoS) attacks. It implements measures to counter the effects of DDoS attacks, and ensure network reliability and availability by leveraging the flexibility and programmability of SDN to adaptively respond to threats. The authors present a mechanism that leverages the OpenFlow and sFlow protocols to counter the threats posed by DDoS attacks. The results indicate that the proposed model effectively mitigates the negative effects of DDoS attacks in an SDN environment.