Detecting DDoS Attack on SDN Due to Vulnerabilities in OpenFlow

Abstract

Software Defined Networking (SDN) is a network paradigm shift that facilitates comprehensive network programmability to cope with emerging new technologies such as cloud computing and big data. SDN facilitates simplified and centralized network management enabling it to operate in dynamic scenarios. Further, SDN uses the OpenFlow protocol for communication between the controller and its switches. The OpenFlow creates vulnerabilities for network attacks especially Distributed Denial of Service (DDoS). DDoS attacks are launched from the compromised hosts connected to the SDN switches. In this paper, we introduce a time- and space-efficient solution for the identification of these compromised hosts. Our solution consumes less computational resources and space and does not require any special equipment.