Software defined network-based HTTP flooding attack defender
Reza Mohammadi (Bu-Ali Sina University, Hamadan)
C. Lal (TU Delft - Cyber Security)
Mauro Conti (TU Delft - Cyber Security, University of Padua)
Lokesh Sharma (Manipal University Jaipur)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
In recent years, the explosive growth of the Internet has led to an increment in the number of Distributed Denial of Service (DDoS) attacks. HTTP Flooding is a critical DDoS attack that targets HTTP servers to prohibit users from receiving HTTP services. Moreover, it saturates the link bandwidth and consumes network resources. Because the attack is launched at the application layer, it is difficult to defend against it using current countermeasures such as firewall or Intrusion Prevention System (IPS). In this paper, we propose SHFD, which leverages the Software-Defined Networking (SDN) paradigm to mitigate HTTP flooding attacks. We implement SHFD as a defender module on the SDN controller to detect and mitigate the attack in the first place. Experimental results gathered from Mininet confirm that SHFD brings a significant improvement of 13% in detection time and 29% in the number of blocked malicious flows compared to the state-of-the-art approaches.