Software defined network-based HTTP flooding attack defender

Journal article (2022)

Authors

Reza Mohammadi Bu-Ali Sina University, Hamadan

C. Lal Cyber Security -

M. Conti Cyber Security - , University of Padua

Lokesh Sharma Manipal University Jaipur

Research Group

Cyber Security () (TU Delft)

DOI: https://doi.org/10.1016/j.compeleceng.2022.108019

SDN Entropy Hellinger distance HTTP flooding attack

More Info

expand_more

To reference this document use:

http://resolver.tudelft.nl/uuid:985a3ea6-0897-46cb-b571-678533bfa56c

Published Date

2022

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Department

Intelligent Systems

Research Group

Cyber Security

Abstract

In recent years, the explosive growth of the Internet has led to an increment in the number of Distributed Denial of Service (DDoS) attacks. HTTP Flooding is a critical DDoS attack that targets HTTP servers to prohibit users from receiving HTTP services. Moreover, it saturates the link bandwidth and consumes network resources. Because the attack is launched at the application layer, it is difficult to defend against it using current countermeasures such as firewall or Intrusion Prevention System (IPS). In this paper, we propose SHFD, which leverages the Software-Defined Networking (SDN) paradigm to mitigate HTTP flooding attacks. We implement SHFD as a defender module on the SDN controller to detect and mitigate the attack in the first place. Experimental results gathered from Mininet confirm that SHFD brings a significant improvement of 13% in detection time and 29% in the number of blocked malicious flows compared to the state-of-the-art approaches.

Files

1_s2.0_S0045790622002841_main.... (.pdf)

(.pdf | 1.5 Mb)