A new method to prevent DNS amplification attacks in P4-based software-defined networks - Faculty of Engineering
Type: Thesis
Degree level: Master's
Title: A new method to prevent DNS amplification attacks in P4-based software-defined networks
Presenter: Sina Ghoochani
Supervisors: Dr Reza Mohammadi
Advisory professors:
Examining professors or referees: Dr Hatam Abdoli, Dr Shakoor Vakilian
Time and date of presentation: 2025
Place of presentation: 44
Abstract: Software-defined networking (SDN) has gained popularity in recent years due to its abstract view of the network and remarkable flexibility. This architecture allows companies to develop a variety of software and hardware products based on it and to take network performance and management to a higher level. In SDN, separating the data plane from the control plane and applications enables an abstract view and centralized management. However, this design reduces data plane devices to simple devices without complex processing capabilities, and all processing tasks become the responsibility of the controller. This concentration of processing load makes the controller a vital, central element of the SDN architecture and, for the same reason, an attractive target for attackers. Attacks on the controller can affect the entire network, since the controller is responsible for managing, regulating, and processing all network traffic flows. This security challenge is one of the main considerations in designing and implementing security solutions for SDN networks. DNS amplification attacks are a type of DDoS attack that also threatens SDN networks: they have a destructive impact by exploiting vulnerabilities in DNS servers and amplifying attack traffic. With the increasing complexity of these attacks and the volume of traffic they generate, SDN networks have also become an attractive target for attackers. One of the main challenges in this field is managing the large workload and heavy traffic on the network controller. To address this challenge, researchers have proposed various hardware and software solutions. Among them, using data plane devices to distribute the processing load has been one of the key approaches.
As a powerful tool in this field, the P4 language enables the implementation of advanced processing in the data plane. The emergence of P4 has made it possible to use the processing power of data plane equipment to detect DDoS attacks. This reduces the operational burden on the controller and accelerates attack detection. In this research, P4 programmable switches are used and a statistical method is presented to detect attacks at the controller level. Evaluations show that this method significantly reduces the processing load of the controller by distributing part of the detection operations to the data plane, and that it detects attacks with high speed and accuracy. In addition, the proposed method is robust against DDoS attacks and effectively limits their impact. With the help of P4 switches, it can block malicious and suspicious packets to prevent the attack from occurring.