A Fault Tolerant Multi-Controller Framework for SDN DDoS Attacks Detection

Network communication shows a variety of issues with the fast expansion of computer devices, ranging from network administration to traffic engineering. A well-known method for improving these connections is Software-Defined Networking (SDN). The SDN is a networking architecture that separates the control plane from the data plane to ease network administration. The main advantage of the SDN is the central controller. However, it has security flaws like unreachability in Distributed Denial-of-Service attacks (DDoS). Hence, defending SDN against DDoS attacks is critical. We proposed a framework for detecting DDoS attacks and a fault-tolerant method to replace faulty leader controller in distributed multi-controller SDN. We used multi-controllers architecture and leader election algorithm to present a fault-tolerant framework to select a new leader controller, in the case of a leader controller failure. In addition, an early DDoS attack detection algorithm using the entropy of destination IP addresses and the packet window initiation rate is presented. To evaluate our proposed method in various configurations, we simulated exhaustive experiments in Mininet and Floodlight. The results show that our approach outperforms similar algorithms in various network configurations and multi-victim attacks.