Naïve Bayes Anomaly Detection System Design On Openflow Network
One of the commonly launched attacks is Distributed Denial of Service (DDoS), which renders its target unable to provide its service. The Gaussian Naïve Bayes classifier is one of several techniques used to detect such attacks: it classifies the network traffic in a window as attack or normal traffic based on normal distributions previously calculated from normal and attack traffic datasets. This research focuses on mitigating SYN flood DDoS attacks on an OpenFlow network using a Zodiac FX as the switch. The developed system uses the OpenFlow protocol to apply flow rules in the switch’s flow table in order to detect and mitigate SYN flood attacks in real time. The mitigation procedure diverts incoming packets to a SYN proxy so that only legitimate TCP packets are able to reach the server. The results show that the system has a bandwidth of up to 60Mbps under normal conditions and 5,03Mbps under attack. The maximum number of malicious packets that could reach the server before traffic is diverted to the SYN proxy is estimated to be 400 packets and is not affected by the number of attacks, assuming that the flow rules sent by the controller are enacted immediately.
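The per-window classification step described in the abstract can be sketched as follows. This is an added example, not the paper's code: the two features (SYN packets per window and the fraction of SYNs completed by a final ACK), the training values, and the action names are assumptions, since the abstract does not list them.

```python
import math

def fit(samples):
    """samples: {label: [feature_vector, ...]} -> {label: (log_prior, means, variances)}."""
    total = sum(len(rows) for rows in samples.values())
    model = {}
    for label, rows in samples.items():
        n = len(rows)
        cols = list(zip(*rows))
        means = [sum(c) / n for c in cols]
        # Variance floor keeps a constant feature from producing a zero variance.
        variances = [max(sum((x - m) ** 2 for x in c) / n, 1e-9)
                     for c, m in zip(cols, means)]
        model[label] = (math.log(n / total), means, variances)
    return model

def log_posterior(model, x):
    """Unnormalised log P(label | x) under independent Gaussian features."""
    scores = {}
    for label, (log_prior, means, variances) in model.items():
        score = log_prior
        for xi, m, v in zip(x, means, variances):
            score += -0.5 * math.log(2 * math.pi * v) - (xi - m) ** 2 / (2 * v)
        scores[label] = score
    return scores

def classify(model, x):
    scores = log_posterior(model, x)
    return max(scores, key=scores.get)

def decide(model, x):
    """Hypothetical controller decision: divert the window's traffic or forward it."""
    return "divert_to_syn_proxy" if classify(model, x) == "attack" else "forward"

# Constructed training windows: [SYN packets in window, fraction of SYNs followed by ACK]
TRAINING = {
    "normal": [[12, 0.95], [20, 0.90], [8, 1.00], [15, 0.92], [25, 0.88]],
    "attack": [[400, 0.05], [650, 0.02], [380, 0.10], [900, 0.01], [520, 0.04]],
}
MODEL = fit(TRAINING)

if __name__ == "__main__":
    for window in ([18, 0.93], [700, 0.03]):
        print(window, classify(MODEL, window), decide(MODEL, window))
```

Working in log space avoids underflow when a window lies far from a class mean, which is the usual case for flood traffic scored against the normal-traffic distribution.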
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.