Prevention of DDoS Attacks in SDN by Using Virtual IP Addresses | Original Article

Sanjeetha R.*, Monisha B., Anita Kanavalli, in Journal of Advances in Science and Technology | Science & Technology


DDoS is one of the most common attacks in traditional networks, and it affects Software Defined Networks (SDN) as well. SDN is a network architecture that separates the data plane from the control plane. In a traditional network the attacker first identifies the IP address of the victim machine and then floods it with large volumes of unwanted traffic; the same attack can be mounted against servers in an SDN. In this paper we propose a method that hides the real IP address of important servers, thereby preventing the DDoS attack. DDoS detection and prevention modules are deployed on the SDN controller. The detection module recognises that a DDoS attack is under way and distinguishes legitimate clients from botnets. The prevention module dynamically generates a virtual IP address for every real IP address and changes it at regular intervals. The SDN controller uses the output of both modules to install flow-table rules so that only legitimate clients are given the real IP address, while the botnets' requests are dropped.
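The abstract names the two controller modules and what the controller does with their output, but not how either one works. The following is an added example, not code from the paper, that models the scheme end to end so the moving parts can be seen together: a detection module that separates legitimate clients from bots (here by a per-window request-count threshold, which is an assumption; the paper's criterion is not given on this page), a prevention module that maps each real server IP to a virtual IP re-drawn every epoch, and the controller step that turns both into a flow table. The rule format, the pool layout, the addresses and the traffic window are all constructed for the example.

```python
"""
Toy model of the controller logic the abstract describes: detection
(legitimate clients vs. botnet) plus prevention (rotating virtual IPs),
combined into flow rules. Constructed example; thresholds, pool layout and
rule format are assumptions, not the paper's.
"""
import hmac
import hashlib
import random
import ipaddress
from collections import Counter

# Assumption: a source sending more than this many requests in one
# observation window is treated as part of the botnet.
RATE_THRESHOLD = 50


def detect_bots(request_log, threshold=RATE_THRESHOLD):
    """Detection module: request_log is an iterable of (src_ip, dst_ip) pairs
    seen in one window. Returns (legitimate_sources, bot_sources)."""
    counts = Counter(src for src, _dst in request_log)
    bots = {src for src, n in counts.items() if n > threshold}
    legit = set(counts) - bots
    return legit, bots


class VirtualIPMapper:
    """Prevention module: real server IP -> virtual IP, re-drawn every epoch.

    The pool is split into two halves used on alternating epochs, so the
    address a server had in the previous epoch can never be reissued in the
    current one (rotation is guaranteed, not probabilistic). Within a half the
    assignment is a secret-seeded permutation, so knowing the pool does not
    let an observer predict the next address.
    """

    def __init__(self, real_ips, pool_cidr, epoch_seconds, secret):
        self.real_ips = [ipaddress.ip_address(r) for r in real_ips]
        hosts = list(ipaddress.ip_network(pool_cidr).hosts())
        half = len(hosts) // 2
        self.halves = (hosts[:half], hosts[half:])
        if len(self.real_ips) > half:
            raise ValueError("pool too small for the number of protected servers")
        if set(self.real_ips) & set(hosts):
            raise ValueError("virtual pool must not overlap the real addresses")
        self.epoch_seconds = epoch_seconds
        self.secret = secret

    def epoch(self, now):
        return int(now) // self.epoch_seconds

    def mapping(self, now):
        """Real -> virtual mapping valid for the epoch containing `now`."""
        e = self.epoch(now)
        seed = hmac.new(self.secret, str(e).encode(), hashlib.sha256).digest()
        rng = random.Random(seed)  # deterministic for a given (secret, epoch)
        chosen = rng.sample(self.halves[e % 2], len(self.real_ips))
        return dict(zip(self.real_ips, chosen))

    def virtual_ip(self, real_ip, now):
        return self.mapping(now)[ipaddress.ip_address(real_ip)]


def build_flow_rules(mapper, legit, bots, now):
    """Controller: combine both modules into an ordered flow table (assumed
    format: dicts, highest priority first). Bots are dropped outright;
    legitimate clients get the virtual address rewritten to the real one on
    the way in and back on the way out; packets addressed to a real IP
    directly, which no client should know, are dropped."""
    rules = []
    for bot in sorted(bots, key=str):
        rules.append({"priority": 300, "match": {"src": str(bot)}, "action": "drop"})
    for real, virt in mapper.mapping(now).items():
        for client in sorted(legit, key=str):
            rules.append({"priority": 200,
                          "match": {"src": str(client), "dst": str(virt)},
                          "action": ("set_dst", str(real))})
            rules.append({"priority": 200,
                          "match": {"src": str(real), "dst": str(client)},
                          "action": ("set_src", str(virt))})
        rules.append({"priority": 100, "match": {"dst": str(real)}, "action": "drop"})
    rules.append({"priority": 0, "match": {}, "action": "drop"})
    return sorted(rules, key=lambda r: -r["priority"])


def apply_rules(rules, packet):
    """Switch-side lookup: first matching rule (highest priority) wins."""
    for rule in rules:
        if all(packet.get(k) == v for k, v in rule["match"].items()):
            return rule["action"]
    return "drop"


# Constructed traffic window: two legitimate clients and one flooding source.
REQUEST_LOG = ([("10.0.0.11", "203.0.113.5")] * 8
               + [("10.0.0.12", "203.0.113.5")] * 3
               + [("10.0.0.99", "203.0.113.5")] * 500)


def demo(now=1_000_000):
    mapper = VirtualIPMapper(["192.0.2.10"], "203.0.113.0/24", 60, b"demo-secret")
    legit, bots = detect_bots(REQUEST_LOG)
    rules = build_flow_rules(mapper, legit, bots, now)
    virt = str(mapper.virtual_ip("192.0.2.10", now))
    return {
        "legit": sorted(map(str, legit)), "bots": sorted(map(str, bots)),
        "virtual_ip": virt,
        "legit_pkt": apply_rules(rules, {"src": "10.0.0.11", "dst": virt}),
        "bot_pkt": apply_rules(rules, {"src": "10.0.0.99", "dst": virt}),
        "direct_pkt": apply_rules(rules, {"src": "10.0.0.11", "dst": "192.0.2.10"}),
        "rotated": str(mapper.virtual_ip("192.0.2.10", now + 60)) != virt,
    }


if __name__ == "__main__":
    print(demo())
```

Two caveats a practitioner would weigh before relying on a scheme like this: the rotation only hides the real address and invalidates stale knowledge, so a bot that re-learns the current virtual IP each epoch still has to be stopped by the detection module, and how legitimate clients are told the new virtual address at each rotation (the abstract does not say) decides whether rotation helps or merely breaks their sessions.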