Applying Packet Score Technique in SDN for DDoS Attack Detection

International Journal of Computer Science and Engineering
© 2018 by SSRG - IJCSE Journal
Volume 5 Issue 6
Year of Publication : 2018
Authors : Sangeetha M.V, Bhavithra J

How to Cite?

Sangeetha M.V, Bhavithra J, "Applying Packet Score Technique in SDN for DDoS Attack Detection," SSRG International Journal of Computer Science and Engineering , vol. 5,  no. 6, pp. 20-24, 2018. Crossref,


Distributed Denial of Service (DDoS) remains to be one of the major issues against web servers and normal functioning of networks, because of freely available tools for generating attack and unprotected devices connected to the internet. Software Defined Networking (SDN) decouples controlling and packet forwarding mechanisms to reduce functioning overheads in a network and making whole network dynamically programmable, but it is vulnerable to DDoS and link congestion. DDoS defense mechanism includes DDoS detection, attack trace back and attack mitigation, of which detection is performed using various methods. In existing system, neural network is used to detect attack and it is trained with previously obtained attack dataset. By using neural networks, only specific attacks can be detected. In real time, detecting DDoS attack nearer to the attack source is essential. Collaborative mechanisms allow nodes within a network to share packet flow data, resulting in early detection of DDoS attack. In proposed system, Packet score method is employed to sense attacks that are spread by randomizing packet attributes by comparing flow characteristics during benign flow and the current traffic characteristics. DDoS attack is generated using Mininet in SDN environment to create nominal and current profiles. The proposed system is expected to improve accuracy of attack detection in early stages of attack when compared with neural networks based detection system.


SDN, DDoS attack detection, neural network, packet score.


[1] R. Braga, E. Mota, and A. Passito, “A Lightweight DDoS flooding attack detection using NOX/Openflow”, IEEE - Local Computer Networks , vol.1, pp.416-424, 2010. 
[2] V. Trung Phan, K. Nguyen Bao, and P.Minho, “Distributed SOM: A Novel Performance Bottleneck Handler For Large- Sized Software Defined Networks Under Flooding Attacks”, Elsevier: Journal of Network and Computer Applications, vol.91, pp. 14 – 25, 2017. 
[3] C. Tommy, M.Xenia, L. Xiangyang, and X. Kaiqi , “An SDN-supported collaborative approach for DDoS flooding detection and containment”, IEEE - Military Communications Conference, vol.1, pp. 659-665, 2011. 
[4] S. Donwon, and P.Adrian, “PFS: probabilistic filter scheduling against distributed denial-of-service attacks”, IEEE - Local Computer Networks, vol.1, pp. 9-17, 2011. 
[5] S. Donwon, and P.Adrian., “APFS: adaptive probabilistic filter scheduling against distributed denial-of-service attacks”, Elsevier: Computers & Security, vol.39, November, pp. 366-385, 2013. 
[6] J. Udhayan, and T.Hamsapriya, “Statistical segregation method to minimize the false detections during DDoS attacks”, International Journal of Network Security, vol.13, Issue:3, pp.152–160,2011. 
[7] Yunhe C. et al, “SD-Anti-DDoS: fast and efficient DDoS defense in software-defined networks”, Elsevier - Journal of Network and Computer Applications, vol.68, pp. 65 –79, June 2016. 
[8] Kübra K. and Fatih A, “A distributed filtering mechanism against DDoS attacks: ScoreForCore”, Elsevier – Computer Networks, vol.108, pp. 199 –209, October 2016. 
[9] Kübra K., Gurkan G., and Fatih A., “Defense mechanisms against DDoS attacks in SDN environment”, IEEE Communications Magazine, vol.55, Issue: 9, pp. 175 –179, 2017.