Article Preview
Top1. Introduction
Networking is used to set-up a communication between two devices and in order to manage such a network, there is a need for network administrator who is a person with knowledge of entire network which created the dependencies of entire network on network administrator. The evolution of Software Defined Network (SDN) in recent decade has removed this issue. SDN works by managing the network by means of software which is programmable in nature. SDN decouples the control plane and data plane of router. Thus, the work of control plane which acts like a brain of person and executes all the algorithms and protocol is separate from all the routers into a single control plane termed as controller. Whereas the data plane which works as a forwarding of data is decouples and remains in all the routers. Thus, in traditional approach, each routers contain control plane where the algorithms and protocols execute along with which contain routing table and data plane which contain forwarding table which only works as forwarding base. SDN decouples this control plane from routers of a network and place it as controller which is programmable in nature and can be coded using languages like C, java, python etc. which controls the entire network through this controller using different protocols and south bound APIs and North bound APIs. This controller send commands to different routers within the network to manage the entire network from a single controller which can be manage through a user interface.
Denial of service (DoS) attack is one of the traditional attack which attack on the network in order to use the resources for unauthorized work, thus the server unable to serve the actual work of the network. The DoS attack floods the network with malicious request which keeps the server busy in handling those request and thus making other systems of the network constraint of resources. Other type of DoS attacks are execution of malwares, teardrop attack or application level flooding. One of the type of DoS attack is IP spoofing, where IP addresses are forged for diverting the packets such that the server will become busy and also it will be hard to identify the identity of attacking machine. The advanced version of DoS attack is Distributed Denial of Service (DDoS) attack, which is a cyber attack which make use of multiple IP address in order to hide the identity of attacker. Thus, DDoS attack instantaneously acquire the badwidth of the network and thus make the server busy while making connection with specific website with number of computers in the network or internet in order to increase the traffic in an abnormal manner. Since, during this time the server function as distributing the traffic and hence termed as distributed denial of service attack in a sense that traffic is neutralized.
In this paper we consider the DDoS attack within SDN network and thus try to find the impact of attack on SDN network and based on this proposed an algorithm which maximizes the system utility by ensuring that web transaction which consists of multiple packets from client to server, the first SYN packet will suffer delay due to packet loss or transmission whereas other packets will receive normal service which will increase the performance of the network.
1.1 Software Defined Network
Software defined network works on the concept of decoupling the control plane of router from data plane. (Dumka A., 2018) The control plane of the entire network is replaced with a centralized controller which is managed by software. This controller is managed by means of software based approach which is application level programming. Open flow protocol is used to set up the communication between software and the hardware. Whereas North bound API and South bound APIs are used to set up the communication from software to the network such that routers work as per the instruction given from the software.
Working of SDN can be divided into 6 parts as management plane, control plane, data plane, north bound API, south bound API and east west API. Where the management plane is responsible for defining the policies of the network. The communication of control plane with data plane is performed using south bound interfaces like OpenFlow protocols which is normalized by open network foundation (ONF) whereas data plane is actual physical network or collection of all forwarding devices like switch and routers.