IEEE Access (Jan 2018)
An Efficient SDN-Based DDoS Attack Detection and Rapid Response Platform in Vehicular Networks
Abstract
With the prosperity of wireless networks, vehicular networks (VNs) have been extensively studied in recent years. It is deployed to ensure road safety, enhance the driving experience, and reduce traffic congestion. However, VNs are vulnerable to various attacks, especially Distributed Denial of Service (DDoS) that attackers control a large number of compromise nodes inside the networks to occupy the network resources of legitimate users and impact the communication among vehicles and between vehicles and infrastructure. In this paper, we design a platform to efficiently detect and rapidly respond to the DDoS attack in VNs based on software-defined networking (SDN). The proposed platform not only contains the trigger mechanism based on the message of OpenFlow protocol (i.e., PACKET_IN message) for a response not timely but also involves a flow feature extraction strategy based on the multi-dimensional information. Moreover, we construct an effective global network flow table feature values based on OpenFlow flow table feature and the entropy feature of flow table entry. We determine all flow table entry by the trained SVM. By analyzing the simulation results, we verify that the detection scheme effectively reduces the time for starting attack detection and classification recognition and has a lower false alarm rate.
Keywords