DDos attacks are a great threat to cybersecurity and are in fact a common attack that victimizes many computer systems. While there has been previous research into detecting such attacks, Software-Defined Networking or SDN presents a novel angle to attack this problem. SDN is a network framework that essentially separates data and control planes in order to provide a more adaptable control over network analysis. By splitting up network analysis into data and control planes, we save CPU usage and are actually able to narrow down DDOS detection to network switches. Researchers in this paper used a “lightweight DDOS detection algorithm known as FORT” to perform the network edge switch analysis. Using FORT, there was a significant reduction in the false alarms regarding DDOS attacks.
Author:
Kun Jia, Chaoge Liu, Qixu Liu, Junnan Wang, Jiazhi Liu & Feng Liu
