Detection and Mitigation of Low and Slow DDoS attack in an SDN environment

Submitted by grigby1 on Thu, 06/22/2023 - 2:15pm

Title	Detection and Mitigation of Low and Slow DDoS attack in an SDN environment
Publication Type	Conference Paper
Year of Publication	2022
Authors	Sai, A N H Dhatreesh, Tilak, B H, Sanjith, N Sai, Suhas, Padi, Sanjeetha, R
Conference Name	2022 International Conference on Distributed Computing, VLSI, Electrical Circuits and Robotics ( DISCOVER)
Keywords	composability, Computer crime, DDoS attack detection, DDoS attack mitigation, denial-of-service attack, Floods, Human Behavior, Low and Slow Distributed Denial of Service (DDoS) attacks, Metrics, Protocols, pubcrawl, resilience, Resiliency, Servers, Slowloris, software defined networking, software defined networking (SDN), Very large scale integration
Abstract	Distributed Denial of Service (DDoS) attacks aim to make a server unresponsive by flooding the target server with a large volume of packets (Volume based DDoS attacks), by keeping connections open for a long time and exhausting the resources (Low and Slow DDoS attacks) or by targeting protocols (Protocol based attacks). Volume based DDoS attacks that flood the target server with a large number of packets are easier to detect because of the abnormality in packet flow. Low and Slow DDoS attacks, however, make the server unavailable by keeping connections open for a long time, but send traffic similar to genuine traffic, making detection of such attacks difficult. This paper proposes a solution to detect and mitigate one such Low and slow DDoS attack, Slowloris in an SDN (Software Defined Networking) environment. The proposed solution involves communication between the detection and mitigation module and the controller of the Software Defined Network to get data to detect and mitigate low and slow DDoS attack.
DOI	10.1109/DISCOVER55800.2022.9974724
Citation Key	sai_detection_2022

Groups:

Science of Security VO