A Method To Combat Against DoS Attack In SDN Network Architecture

Different from the traditional network, the idea of software defined network architecture is to separate the control and forwarding in the network. The switch in the network is no longer responsible for network control, but only responsible for the network forwarding. And the network is controlled by one or more centralized controllers. This architecture gives us an easy way to configure and manage the whole network, it makes the network programmable and flexible. As a matter of fact, it is conducive to the deployment of new network services, and it is also conducive to the security of traditional network. However, there are still a number of challenges that need to be resolved, especially in security matter.DoS attack against SDN controller is one of the security threats.Because of the communication mechanism between the network controller and the switch, the controller can easily become a potential target of attackers. The attackers create a series of attack traffic to attack the network controller, cause the paralysis of the controller. As the controller is paralysis, the flow table is no longer can be deployed to the switch, then the entire network will be greatly affected. Because the research of software defined network is still in the preliminary stage, and the eyes of scholars or research institutions are focused on the improvement of traditional network, the research on DoS attack against controller is very scarce. In this paper, we introduce the software defined network architecture and the OpenFlow protocol, and then we describe the principle of the DoS attack against the SDN controller. And then we propose a detection and defense strategy against this kind of DoS attack. In the attack detection, we propose a new method called differential variance detection.And we also propose a new defense mechanism, which is based on user behavior analysis and switch limiting strategy to protect the controller.Finally, the detection and defense strategy is combined with OpenDayLight controller, and the detection and defense strategy are simulated and validated.