Detecting DRDoS attacks on UDP-based Services using Data Structures through Software-Defined Networking Paradigm - دانشکده فنی و مهندسی
Detecting DRDoS attacks on UDP-based Services using Data Structures through Software-Defined Networking Paradigm
نوع: Type: thesis
مقطع: Segment: masters
عنوان: Title: Detecting DRDoS attacks on UDP-based Services using Data Structures through Software-Defined Networking Paradigm
ارائه دهنده: Provider: fatemeh takalo
اساتید راهنما: Supervisors: Dr. Mohammad Nassiri
اساتید مشاور: Advisory Professors: Dr.Reza Mohammadi
اساتید ممتحن یا داور: Examining professors or referees: Dr. Mehdi Sakhaeinia, Dr. Hatem Abdoli
زمان و تاریخ ارائه: Time and date of presentation: 2021
مکان ارائه: Place of presentation: virtual
چکیده: Abstract: Software-Defined networking have been created to change the architecture of traditional networks with dedicated functionality to achieve smart grids.Recently, these types of networks have become particularly popular among organizations due to their flexibility in managing network services and reducing operating costs. In the architecture of this type of network, the control plane is separated from the data plane and centrally manages the data switches as the controller server. Given the growing deployment of distributed denial of service (DDoS) attacks on computer networks, especially through the Internet, and given the importance of information security and the need to properly provide services through these networks, the need to be familiar with this Attacks are increasing day by day.The size and variety of DDoS attack approaches and defense mechanism it is widespread. Software-Defined networks with a logical focus on network intelligence offer exciting opportunities and challenges to increase the security of these networks, which include new ways to prevent, protect and respond to attacks,also New security applications and services are also built based on SDN capabilities. In this research, using the Sketch data structure, a suitable method for detecting DNS amplification attacks in software-Defined networking is presented. The use of reversible sketches (CRT-RS), which have the ability to merge and compress network traffic and Reverse recovery of abnormal IP addresses, eliminates the problem of high resource consumption when retrieving IP addresses. Analyzes and evaluations have been performed using various parameters to show the efficiency of the proposed method .Evaluations performed show that the proposed method is well resistant to this type of attack and can reduce this type of attack with appropriate accuracy
فایل: ّFile: Download فایل