Neural Network Based Protoction of SDN controller against DDoS attacks Article in Press

Software Defined Network is a new architecture for network management and its main concept is centralizing network management in the network control level that has an overview of the network and determines the forwarding rules for switches and routers(the data level).Although this centralized control is the main advantage of SDN, it is also a single point of failure. If this main control is made unreachable for any reason, the architecture of the network is crashed. A DDoS attack is a threat for the SDN controller that can make it unreachable. Most of the previous works in DDoS detection in SDN focus on early detection of DDoS and not enough work have been done on improvement of accuracy in detection. The proposed solution of this research can detect DDoS attack on SDN controller with a noticeable accuracy and prevents serious damage to the controller .For this purpose, fast entropy of each flow is computed at certain time intervals. Then by the use of adaptive threshold, the possibility of a DDoS attack is investigated. In order to achieve more accuracy, another method, computing flow initiation rate, is used alongside. After observation the results of this two methods, according to the conditions described later, the existence of an attack is confirmed or rejected, or this decision is made at the next step of the algorithm, with further study of flow statistics of network switches by the perceptron neural network.