DOS Attack Mitigation Strategies on SDN Controller

Software-Defined Networking (SDN) introduces centralized control logic, and separates the data plane from the control plane. Hence, SDN makes it easier for network engineers to monitor traffic, diagnose threats, and insert or change security policies. However, it also creates security challenges that did not exist before, such as controller security. In this paper, we analyze the effect of DOS attacks on the SDN controller and propose two approaches, FlowSec and Blackbox, to mitigate DOS attacks. FlowSec is a strategy to mitigate an attack on the controller bandwidth by setting a limit on the number of packets that can be sent to the controller per second. Blackbox defines and keeps track of threat levels, detects, and responds to different aggressive attacks in real-time basis. The experiments show that both approaches work well on preventing DOS attacks.