Skip to content

DDOS Mitigation System based on Ryu SDN Controller with Port Blocking Mechanism

Notifications You must be signed in to change notification settings

bryanoliverh/SDNSecurity_DDOSMitigationDecisionTree_PortBlocking

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SDN Security - DDOS Mitigation System based on Ryu Controller Framework with Port Blocking Mechanism using Decision Tree Algorithm

This is a thesis project that creates a DDoS Mitigation System inside the Ryu SDN Controller. The specification is as follows:

  1. The controller is using the Machine Learning Classification Decision Tree Model.
  2. Please use the controllerfinal.py for the full capabilities.
  3. The machine learning model is being used to train the controller to determine whether a network packet is considered a DDoS attack or not.
  4. The controller then will be able to detect the packet using the detection mechanism and mitigate the attack by doing a port blocking the attacker port.
  5. The controller has been tested on multiple data center topologies (Three Tier, Leaf-Spine, etc) with the multiple number of nodes selection with most of the switches being used being OpenFlow Switch 1.3.
  6. There is an application layer that was made to keep the monitoring of the eaeachf the node inside https://github.com/bryanoliverh/SDNSecurity_RyuControllerApplicationLayer.
  7. The application layer functions to manually enable/disable ports, create whitelist/blacklist firewall rules, check the packet forwarding, block specific ports from the network devices, check the condition via the monitoring graphs, and so on.

Simulation

Topology Example:

Three Tier Data Center:

image

Spine Leaf Data Center:

Introduction to Ryu and Mininet

Please read through these two docs for the introduction to Mininet and Ryu controllers:

Ryu also has an API that can be hit from the application firewall that we run. In this case, I am using Django for the website framework. Some of the API functions are very beneficial for network monitoring and configurations. It allows the management of traffic, enabling or disabling a switch, and many more. Please choose the corresponding mininet and Ryu versions that you prefer. You can check this doc for the API functionalities: https://ryu.readthedocs.io/en/latest/app/ofctl_rest.html

About

DDOS Mitigation System based on Ryu SDN Controller with Port Blocking Mechanism

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published