Detection of DDoS Attacks in Software Defined Networking Using Entropy

Featured Application This study proposes a detection method of Distributed Denial of Service attacks in Software Defined Networking, which uses the property of entropy to measure the occurrence of attack behavior in the network. The significance of this study is to quickly and effectively detect Distributed Denial of Service attacks in the Software Defined Networking and protect the SDN controller against security threats. Software Defined Networking (SDN) is one of the most commonly used network architectures in recent years. With the substantial increase in the number of Internet users, network security threats appear more frequently, which brings more concerns to SDN. Distributed denial of Service (DDoS) attacks are one of the most dangerous and frequent attacks in software defined networks. The traditional attack detection method using entropy has some defects such as slow attack detection and poor detection effect. In order to solve this problem, this paper proposed a method of fusion entropy, which detects attacks by measuring the randomness of network events. This method has the advantages of fast attack detection speed and obvious decrease in entropy value. The complementarity of information entropy and log energy entropy is effectively utilized. The experimental results show that the entropy value of the attack scenarios 91.25% lower than normal scenarios, which has greater advantages and significance compared with other attack detection methods.