Print Email Facebook Twitter HTTPScout Title HTTPScout: A Machine Learning based Countermeasure for HTTP Flood Attacks in SDN Author Mohammadi, Reza (Bu-Ali Sina University) Lal, C. (TU Delft Cyber Security) Conti, M. (TU Delft Cyber Security; Università degli Studi di Padova) Date 2022 Abstract Nowadays, the number of Distributed Denial of Service (DDoS) attacks is growing rapidly. The aim of these type of attacks is to make the prominent and critical services unavailable for legitimate users. HTTP flooding is one of the most common DDoS attacks and because of its implementation in application layer, it is difficult to detect and prevent by the current defense mechanisms. This attack not only makes the web servers unavailable, but consumes the computational resources of the network equipment and congests communication links. Recently, the advent of Software Defined Networking (SDN) paradigm has enabled the network providers to detect and mitigate application layer DDoS attacks such as HTTP flooding. In this paper, we propose a defense mechanism named HTTPScout which leverages the benefits of SDN together with Machine Learning (ML) techniques to detect and mitigate HTTP flooding attack. HTTPScout is implemented as a security module in RYU controller and monitors the behavior of HTTP traffic flows. Upon detecting a malicious flow, it blocks the source of the attack at the edge switch and preserves the network resources from the adversarial effects of the attack. Simulation results confirm that HTTPScout brings a significant improvement of 64% in bandwidth consumption and 80% in the number of forwarding rules compared to normal SDN. Subject DDoSFlooding attackMachine learningSDN To reference this document use: http://resolver.tudelft.nl/uuid:13eb5f3c-c4ef-41c6-b94e-6aeb28cdc41c DOI https://doi.org/10.1007/s10207-022-00641-3 Embargo date 2023-06-05 ISSN 1615-5262 Source International Journal of Information Security, 22 (2023) (2), 367-379 Bibliographical note Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public. Part of collection Institutional Repository Document type journal article Rights © 2022 Reza Mohammadi, C. Lal, M. Conti Files PDF s10207_022_00641_3.pdf 905.14 KB Close viewer /islandora/object/uuid:13eb5f3c-c4ef-41c6-b94e-6aeb28cdc41c/datastream/OBJ/view