Manara - Qatar Research Repository
Browse

Addressing Security Issues in Software Defined Networks

Download (4.91 MB)
thesis
submitted on 2025-06-17, 09:40 and posted on 2025-06-17, 09:42 authored by Lubna Fayez Eliyan

Software-Defined Networking (SDN) is an innovative networking model that decouples forwarding hardware from control decisions. It promises to facilitate innovation and evolution while simplifying network management. Denial of service (DoS) and distributed denial of service (DDoS) attacks are dreadful security challenges in SDNs. For example, these attacks could flood the data, control, or communication channels. Attacking the control plane might cause a failure of the entire network while attacking the data plane or the communication channel could cause packet loss and network unavailability. We present various contributions that shed light on the problem of DoS/DDoS attacks in SDNs in this research work, giving a thorough background on the topic and including an analysis of the attacks and available countermeasures. We examine and systematize the strategies that combat DoS and DDoS threats in SDNs through the lenses of intrinsic and extrinsic approaches.

Finally, we propose DeMi, a lightweight DoS detection and mitigation method, as well as heavy-load management. The proposed approach aims to secure the components of the SDN to protect against DoS attacks. Results of our proposed solution are staggering: for instance, when DeMi is deployed, in an attack scenario, the number of exchanged control packets is roughly similar to the attack-free scenario---without DeMi, the number of control packets in the network is 2,7 times more than what experienced in an attack-free setting. As per the number of re-transmitted packets, again, DeMi is able to achieve a re-transmission rate similar to an attack-free scenario---without DeMi, the number of packets that need to be re-transmitted is roughly 3,7 times the number of packets re-transmission occurring in an attack-free scenario.

The novelty of the approach, the demonstrated complete end-to-end solution, and the quality of the achieved experimental results, other than being interesting on their own, do pave the way for further research in this field.

History

Language

  • English

Publication Year

  • 2023

License statement

© The author. The author has granted HBKU and Qatar Foundation a non-exclusive, worldwide, perpetual, irrevocable, royalty-free license to reproduce, display and distribute the manuscript in whole or in part in any form to be posted in digital or print format and made available to the public at no charge. Unless otherwise specified in the copyright statement or the metadata, all rights are reserved by the copyright holder. For permission to reuse content, please contact the author.

Institution affiliated with

  • Hamad Bin Khalifa University
  • College of Science and Engineering - HBKU

Degree Date

  • 2023

Degree Type

  • Doctorate

Advisors

Roberto Di Pietro

Committee Members

Gabriele Oligeri | Jens Schneider | Adel Elomri | Qutaibah Mallhui

Department/Program

College of Science and Engineering

Usage metrics

    College of Science and Engineering - HBKU

    Categories

    Keywords

    Software-Defined NetworkingDenial of serviceSecurity issuesOpenFlow switchesEntropy evaluation

    Licence

    In Copyright

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC