Detection and mitigation of SSDP reflection/amplification attack in p4-based software defined networks

Type: Thesis

Level: Master's

Title: Detection and mitigation of SSDP reflection/amplification attack in p4-based software defined networks

Presenter: Amirhossein Karami

Supervisors: Dr. Reza Mohammadi

Advisors:

Examiners or referees: Dr. Mehdi Abbasi, Dr. Hatam Abdoli

Time and date of presentation: 2025

Place of presentation: seminar

Abstract: Software-Defined Networking (SDN), due to its ability to provide an abstract view of the network architecture and its high flexibility, has emerged in recent years as one of the most widely adopted paradigms in computer networking. The fundamental characteristic of this architecture is the separation of the data plane from the control plane. In this design, data plane devices are typically simple, low-cost, and possess limited processing power, whereas computational and decision-making responsibilities are centralized in a controller. Although this centralization simplifies network configuration and management, it also introduces a critical single point of failure, rendering the controller a highly sensitive and vulnerable component. Among the most significant threats targeting this architecture are Distributed Denial of Service (DDoS) attacks. Such attacks overwhelm the target's processing and communication resources through floods of illegitimate requests or traffic, ultimately disrupting service availability for legitimate users. Within the diverse taxonomy of DDoS attacks, reflection/amplification-based denial-of-service attacks are particularly concerning because of their capacity to generate massive traffic volumes by exploiting weaknesses in network protocols. Numerous mitigation techniques have been proposed in recent years; however, their effectiveness has declined as network traffic complexity and processing demands have increased. A promising solution to these challenges is the P4 programming language, which enables packet-processing policies to be specified and executed directly within the data plane. Leveraging P4-enabled programmable switches allows certain computational tasks to be offloaded from the controller, thereby reducing its workload.

In this study, a novel model is proposed for the detection and prevention of SSDP reflection attacks in software-defined networks. In the proposed method, traffic features are extracted by P4-based programmable switches and forwarded to a dedicated security controller. This controller employs machine learning algorithms to distinguish malicious traffic from legitimate traffic. Consequently, the computational burden on the ONOS controller is alleviated, and the detection process is entirely distributed between the switch and the security controller.

The proposed model was evaluated in terms of bandwidth utilization, CPU load, and network latency. Experimental results demonstrated that timely detection of attacks restores network performance indicators to normal levels and prevents resource exhaustion. These findings highlight the substantial impact of integrating P4 switches with machine learning in enhancing the security and stability of software-defined networks.
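As an added illustration of the split the abstract describes (switch-side feature extraction, controller-side classification and mitigation), the following Python sketch is not code from the thesis: the per-host feature set, the thresholds, the sample traffic and the `mitigation_rule` format are all assumptions, and a threshold rule stands in for the thesis's machine-learning classifier.

```python
from collections import defaultdict
from dataclasses import dataclass

SSDP_PORT = 1900  # UDP port used by SSDP M-SEARCH queries and their responses


@dataclass(frozen=True)
class Pkt:
    """Minimal packet record, the kind of header fields a P4 parser exposes."""
    src: str
    dst: str
    sport: int
    dport: int
    length: int


def extract_features(packets):
    """Switch-side counters keyed by end host (assumed feature set, not the thesis's).
    A reflected flood shows as many SSDP responses toward a host that sent few or no queries."""
    feats = defaultdict(lambda: {"msearch_sent": 0, "resp_pkts": 0, "resp_bytes": 0})
    for p in packets:
        if p.dport == SSDP_PORT:          # host issuing an M-SEARCH discovery query
            feats[p.src]["msearch_sent"] += 1
        if p.sport == SSDP_PORT:          # SSDP response arriving at a host
            feats[p.dst]["resp_pkts"] += 1
            feats[p.dst]["resp_bytes"] += p.length
    return dict(feats)


def classify(feat, min_resp=20, max_ratio=5.0):
    """Controller-side decision; a simple rule standing in for the ML model."""
    if feat["resp_pkts"] < min_resp:
        return "benign"
    ratio = feat["resp_pkts"] / max(1, feat["msearch_sent"])  # responses per query sent
    return "ssdp_reflection" if ratio > max_ratio else "benign"


def detect(packets):
    return {host: classify(f) for host, f in extract_features(packets).items()}


def mitigation_rule(victim):
    """Drop rule the security controller would push to the switch (assumed format)."""
    return {"match": {"ip_dst": victim, "udp_src": SSDP_PORT}, "action": "drop"}


def build_sample():
    """Constructed traffic: one host doing normal discovery, one host being flooded."""
    pkts = [Pkt("10.0.0.5", "239.255.255.250", 50000, SSDP_PORT, 130) for _ in range(2)]
    pkts += [Pkt(f"192.168.1.{i + 1}", "10.0.0.5", SSDP_PORT, 50000, 400) for i in range(6)]
    pkts += [Pkt(f"203.0.113.{i + 1}", "10.0.0.9", SSDP_PORT, 40000, 1200) for i in range(40)]
    return pkts


if __name__ == "__main__":
    for host, verdict in detect(build_sample()).items():
        print(host, verdict, mitigation_rule(host) if verdict != "benign" else "")
```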