Academic Paper

Mitigation of DDoS Attack in SDN using Table Miss-entry
Document Type
Conference
Source
2022 4th International Conference on Circuits, Control, Communication and Computing (I4C) Circuits, Control, Communication and Computing (I4C), 2022 4th International Conference on. :6-11 Dec, 2022
Subject
Communication, Networking and Broadcast Technologies
Components, Circuits, Devices and Systems
Computing and Processing
Robotics and Control Systems
Intrusion detection
Denial-of-service attack
Software defined networking
Computer crime
Centralized control
Software Defined networks
DDoS Attack
Table miss-entry
IDS (Intrusion Detection System)
SNORT
Language
Abstract
SDNs, or Software Defined Networks, differ from traditional networks due to the separation of the control and data planes. However, it is this centralized control that makes SDNs prone to DDoS attacks if the network operations are not addressed properly. One of the ways to cause DDoS is through an influx of control messages (PACKET_IN); due to the Flow Table Miss-entry rule, such attacks can be carried out rather easily. In this work, the aim is to look at DDoS attacks targeting the controller by generating large PACKET_IN traffic from switches and overwhelming them with large amounts of new requests. Such an attack leaves the controller unable to serve even legitimate traffic. This research looks at effective detection and mitigation techniques utilizing the SNORT IDS that may be used to prevent such attacks from causing any significant harm to the network.