Mitigating while Accessing:A Lightweight Defense Framework Against Link Flooding Attacks in SDN

Link flooding attack(LFA)is a type of covert distributed denial of service(DDoS)attack.The attack mechanism of LFAs is to flood critical links within the network to cut off the target area from the Internet.Recently,the proliferation of Internet of Things(IoT)has increased the quantity of vulnerable devices connected to the network and has intensified the threat of LFAs.In LFAs,attackers typically utilize low-speed flows that do not reach the victims,making the attack difficult to detect.Traditional LFA defense methods mainly reroute the attack traffic around the congested link,which encounters high complexity and high computational overhead due to the aggregation of massive attack traffic.To address these challenges,we present an LFA defense framework which can mitigate the attack flows at the border switches when they are small in scale.This framework is lightweight and can be deployed at border switches of the network in a distributed manner,which ensures the scalability of our defense system.The performance of our framework is assessed in an experimental environment.The simulation results indicate that our method is effective in detecting and mitigating LFAs with low time complexity.

ReLFA:Resist Link Flooding Attacks via Renyi Entropy and Deep Reinforcement Learning in SDN-IoT

Link flooding attack(LFA)is a fresh distributed denial of service attack(DDoS).Attackers can cut off the critical links,making the services in the target area unavailable.LFA manipulates legal lowspeed flow to flood critical links,so traditional technologies are difficult to resist such attack.Meanwhile,LFA is also one of the most important threats to Internet of things(IoT)devices.The introduction of software defined network(SDN)effectively solves the security problem of the IoT.Aiming at the LFA in the software defined Internet of things(SDN-IoT),this paper proposes a new LFA mitigation scheme ReLFA.Renyi entropy is to locate the congested link in the data plane in our scheme,and determines the target links according to the alarm threshold.When LFA is detected on the target links,the control plane uses the method based on deep reinforcement learning(DRL)to carry out traffic engineering.Simulation results show that ReLFA can effectively alleviate the impact of LFA in SDN IoT.In addition,the rerouting time of ReLFA is superior to other latest schemes.

A Secure DHCP Protocol to Mitigate LAN Attacks

Network security has become more of a concern with the rapid growth and expansion of the Internet. While there are several ways to provide security in the application, transport, or network layers of a network, the data link layer (Layer 2) security has not yet been adequately addressed. Data link layer protocols used in local area networks (LANs) are not designed with security features. Dynamic host configuration protocol (DHCP) is one of the most used network protocols for host configuration that works in data link layer. DHCP is vulnerable to a number of attacks, such as the DHCP rouge server attack, DHCP starvation attack, and malicious DHCP client attack. This work introduces a new scheme called Secure DHCP (S-DHCP) to secure DHCP protocol. The proposed solution consists of two techniques. The first is the authentication and key management technique that is used for entities authentication and management of security key. It is based on using Diffie-Hellman key exchange algorithm supported by the difficulty of Elliptic Curve Discrete Logarithm Problem (ECDLP) and a strong cryptographic one-way hash function. The second technique is the message authentication technique, which uses the digital signature to authenticate the DHCP messages exchanged between the clients and server.

Enhanced DDoS Detection Using Advanced Machine Learning and Ensemble Techniques in Software Defined Networking

Detecting sophisticated cyberattacks,mainly Distributed Denial of Service(DDoS)attacks,with unexpected patterns remains challenging in modern networks.Traditional detection systems often struggle to mitigate such attacks in conventional and software-defined networking(SDN)environments.While Machine Learning(ML)models can distinguish between benign and malicious traffic,their limited feature scope hinders the detection of new zero-day or low-rate DDoS attacks requiring frequent retraining.In this paper,we propose a novel DDoS detection framework that combines Machine Learning(ML)and Ensemble Learning(EL)techniques to improve DDoS attack detection and mitigation in SDN environments.Our model leverages the“DDoS SDN”dataset for training and evaluation and employs a dynamic feature selection mechanism that enhances detection accuracy by focusing on the most relevant features.This adaptive approach addresses the limitations of conventional ML models and provides more accurate detection of various DDoS attack scenarios.Our proposed ensemble model introduces an additional layer of detection,increasing reliability through the innovative application of ensemble techniques.The proposed solution significantly enhances the model’s ability to identify and respond to dynamic threats in SDNs.It provides a strong foundation for proactive DDoS detection and mitigation,enhancing network defenses against evolving threats.Our comprehensive runtime analysis of Simultaneous Multi-Threading(SMT)on identical configurations shows superior accuracy and efficiency,with significantly reduced computational time,making it ideal for real-time DDoS detection in dynamic,rapidly changing SDNs.Experimental results demonstrate that our model achieves outstanding performance,outperforming traditional algorithms with 99%accuracy using Random Forest(RF)and K-Nearest Neighbors(KNN)and 98%accuracy using XGBoost.