UCSY's Research Repository

Flooding Attack Detection and Mitigation in Software-Defined Networking

Show simple item record

dc.contributor.author Oo, Nan Haymarn
dc.date.accessioned 2020-01-14T08:22:44Z
dc.date.available 2020-01-14T08:22:44Z
dc.date.issued 2019-10
dc.identifier.uri http://onlineresource.ucsy.edu.mm/handle/123456789/2471
dc.description.abstract Flooding attack is a network attack that sends a large amount of traffic to the victim networks or services with the aim of causing denial-of-service. In SoftwareDefined Networking (SDN) environment, this attack might not only breach the hosts and services but also the SDN controller. Besides, it will also cause disconnection of links between the controller and the switches. Thus, an effective detection and mitigation technique of flooding attack is required. Statistical analysis techniques are widely used for detection and mitigation of flooding attack. However, the effectiveness of these techniques strongly depends on the defined threshold. Defining the static threshold is a tedious job and most of the time produces a high false positive alarm. In this system, we proposed the dynamic threshold which is calculated using Modified Adaptive Threshold Algorithm (MATA). The original Adaptive Threshold Algorithm (ATA) is based on the Exponential Weighted Moving Average (EWMA) formula which produces high number of false alarms. To reduce the false alarms, the alarm signal will only be generated after a minimum number of consecutive violations of the threshold. This however has increased the false negative rate when the network is under attack. In order to reduce this false negative rate, MATA adapted the baseline traffic information of the network infrastructure. The comparative analysis of MATA and ATA is performed through the measurement of false negative rate, and accuracy of detection rate. The experimental results show that MATA is able to reduce false negative rate up to 17.74% and increase the detection accuracy of 16.11% over the various types of flooding attacks at the transport layer. en_US
dc.language.iso en en_US
dc.publisher University of Computer Studies, Yangon en_US
dc.title Flooding Attack Detection and Mitigation in Software-Defined Networking en_US
dc.type Thesis en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search Repository



Browse

My Account

Statistics