Loading...
Design and Analysis of Anomaly Detection and Mitigation Schemes for Distributed Denial of Service Attacks in Software Defined Network. An Investigation into the Security Vulnerabilities of Software Defined Network and the Design of Efficient Detection and Mitigation Techniques for DDoS Attack using Machine Learning Techniques
Sangodoyin, Abimbola O.
Sangodoyin, Abimbola O.
An error occurred retrieving the object's statistics
Publication Date
2019
End of Embargo
Supervisor
Awan, Irfan U.
Hu, Yim Fun
Pillai, Prashant
Hu, Yim Fun
Pillai, Prashant
Rights
The University of Bradford theses are licenced under a Creative Commons Licence.
Peer-Reviewed
Open Access status
Accepted for publication
Institution
University of Bradford
Department
Faculty of Engineering and Informatics
Awarded
2019
Embargo end date
Additional title
Abstract
Software Defined Networks (SDN) has created great potential and hope to
overcome the need for secure, reliable and well managed next generation
networks to drive effective service delivery on the go and meet the demand
for high data rate and seamless connectivity expected by users. Thus, it
is a network technology that is set to enhance our day-to-day activities.
As network usage and reliance on computer technology are increasing
and popular, users with bad intentions exploit the inherent weakness of
this technology to render targeted services unavailable to legitimate users.
Among the security weaknesses of SDN is Distributed Denial of Service
(DDoS) attacks.
Even though DDoS attack strategy is known, the number of successful
DDoS attacks launched has seen an increment at an alarming rate over
the last decade. Existing detection mechanisms depend on signatures of
known attacks which has not been successful in detecting unknown or
different shades of DDoS attacks. Therefore, a novel detection mechanism
that relies on deviation from confidence interval obtained from the normal
distribution of throughput polled without attack from the server. Furthermore, sensitivity analysis to determine which of the network metrics (jitter, throughput and response time) is more sensitive to attack by
introducing white Gaussian noise and evaluating the local sensitivity using feed-forward artificial neural network is evaluated. All metrics are sensitive in detecting DDoS attacks. However, jitter appears to be the most sensitive to attack. As a result, the developed framework provides
an avenue to make the SDN technology more robust and secure to DDoS
attacks.
Version
Citation
Link to publisher’s version
Link to published version
Link to Version of Record
Type
Thesis
Qualification name
PhD