A DDoS Vulnerability Analysis System against Distributed SDN Controllers in a Cloud Computing Environment
Software-Defined Networking (SDN) is now a well-established approach in 5G, Internet of Things (IoT) and Cloud Computing. The primary idea behind its immense popularity is the separation of its underlying intelligence from the data-carrying components like routers and switches. The intelligence of t...
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2022-09-01
|
| Series: | Electronics |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2079-9292/11/19/3120 |
| _version_ | 1797479769633193984 |
|---|---|
| author | Sumit Badotra Sarvesh Tanwar Salil Bharany Ateeq Ur Rehman Elsayed Tag Eldin Nivin A. Ghamry Muhammad Shafiq |
| author_facet | Sumit Badotra Sarvesh Tanwar Salil Bharany Ateeq Ur Rehman Elsayed Tag Eldin Nivin A. Ghamry Muhammad Shafiq |
| author_sort | Sumit Badotra |
| collection | DOAJ |
| description | Software-Defined Networking (SDN) is now a well-established approach in 5G, Internet of Things (IoT) and Cloud Computing. The primary idea behind its immense popularity is the separation of its underlying intelligence from the data-carrying components like routers and switches. The intelligence of the SDN-based networks lies in the central point, popularly known as the SDN controller. It is the central control hub of the SDN-based network, which has full privileges and a global view over the entire network. Providing security to SDN controllers is one such important task. Whenever one wishes to implement SDN into their data center or network, they are required to provide the website to SDN controllers. Several attacks are becoming a hurdle in the exponential growth of SDN, and among all one such attack is a Distributed Denial of Service (DDoS) attack. In a couple of years, several new SDN controllers will be available. Among many, Open Networking Operating System (ONOS) and OpenDayLight (ODL) are two popular SDN controllers laying the foundation for many other controllers. These SDN controllers are now being used by numerous businesses, including Cisco, Juniper, IBM, Google, etc. In this paper, vulnerability analysis is carried out against DDoS attacks on the latest released versions of both ODL and ONOS SDN controllers in real-time cloud data centers. For this, we have considered distributed SDN controllers (located at different locations) on two different clouds (AWS and Azure). These controllers are connected through the Internet and work on different networks. DDoS attacks are bombarded on the distributed SDN controllers, and vulnerability is analyzed. It was observed with experimentation that, under five different scenarios (malicious traffic generated), ODL-3 node cluster controller had performed better than ONOS. In these five different scenarios, the amount of malicious traffic was incregradually increased. It also observed that, in terms of disk utilization, memory utilization, and CPU utilization, the ODL 3-node cluster was way ahead of the SDN controller. |
| first_indexed | 2024-03-09T21:50:35Z |
| format | Article |
| id | doaj.art-20455fa50aec41a0a06a687c426c32f8 |
| institution | Directory Open Access Journal |
| issn | 2079-9292 |
| language | English |
| last_indexed | 2024-03-09T21:50:35Z |
| publishDate | 2022-09-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Electronics |
| spelling | doaj.art-20455fa50aec41a0a06a687c426c32f82023-11-23T20:06:37ZengMDPI AGElectronics2079-92922022-09-011119312010.3390/electronics11193120A DDoS Vulnerability Analysis System against Distributed SDN Controllers in a Cloud Computing EnvironmentSumit Badotra0Sarvesh Tanwar1Salil Bharany2Ateeq Ur Rehman3Elsayed Tag Eldin4Nivin A. Ghamry5Muhammad Shafiq6Department of Computer Science and Engineering, Lovely Professional University, Phagwara 144411, IndiaAIIT, Amity University, Noida 201303, IndiaDepartment of Computer Engineering and Technology, Guru Nanak Dev University, Amritsar 143005, IndiaDepartment of Electrical Engineering, Government College University, Lahore 54000, PakistanFaculty of Engineering and Technology, Future University in Egypt, New Cairo 11835, EgyptFaculty of Computers and Artificial intelligence, Cairo University, Giza 12613, EgyptDepartment of Information and Communication Engineering, Yeungnam University, Gyeongsan 38541, KoreaSoftware-Defined Networking (SDN) is now a well-established approach in 5G, Internet of Things (IoT) and Cloud Computing. The primary idea behind its immense popularity is the separation of its underlying intelligence from the data-carrying components like routers and switches. The intelligence of the SDN-based networks lies in the central point, popularly known as the SDN controller. It is the central control hub of the SDN-based network, which has full privileges and a global view over the entire network. Providing security to SDN controllers is one such important task. Whenever one wishes to implement SDN into their data center or network, they are required to provide the website to SDN controllers. Several attacks are becoming a hurdle in the exponential growth of SDN, and among all one such attack is a Distributed Denial of Service (DDoS) attack. In a couple of years, several new SDN controllers will be available. Among many, Open Networking Operating System (ONOS) and OpenDayLight (ODL) are two popular SDN controllers laying the foundation for many other controllers. These SDN controllers are now being used by numerous businesses, including Cisco, Juniper, IBM, Google, etc. In this paper, vulnerability analysis is carried out against DDoS attacks on the latest released versions of both ODL and ONOS SDN controllers in real-time cloud data centers. For this, we have considered distributed SDN controllers (located at different locations) on two different clouds (AWS and Azure). These controllers are connected through the Internet and work on different networks. DDoS attacks are bombarded on the distributed SDN controllers, and vulnerability is analyzed. It was observed with experimentation that, under five different scenarios (malicious traffic generated), ODL-3 node cluster controller had performed better than ONOS. In these five different scenarios, the amount of malicious traffic was incregradually increased. It also observed that, in terms of disk utilization, memory utilization, and CPU utilization, the ODL 3-node cluster was way ahead of the SDN controller.https://www.mdpi.com/2079-9292/11/19/3120ODL 3-nodeclusterSDN controllersDDoS attacksopen network operating systemcloud computing |
| spellingShingle | Sumit Badotra Sarvesh Tanwar Salil Bharany Ateeq Ur Rehman Elsayed Tag Eldin Nivin A. Ghamry Muhammad Shafiq A DDoS Vulnerability Analysis System against Distributed SDN Controllers in a Cloud Computing Environment Electronics ODL 3-node cluster SDN controllers DDoS attacks open network operating system cloud computing |
| title | A DDoS Vulnerability Analysis System against Distributed SDN Controllers in a Cloud Computing Environment |
| title_full | A DDoS Vulnerability Analysis System against Distributed SDN Controllers in a Cloud Computing Environment |
| title_fullStr | A DDoS Vulnerability Analysis System against Distributed SDN Controllers in a Cloud Computing Environment |
| title_full_unstemmed | A DDoS Vulnerability Analysis System against Distributed SDN Controllers in a Cloud Computing Environment |
| title_short | A DDoS Vulnerability Analysis System against Distributed SDN Controllers in a Cloud Computing Environment |
| title_sort | ddos vulnerability analysis system against distributed sdn controllers in a cloud computing environment |
| topic | ODL 3-node cluster SDN controllers DDoS attacks open network operating system cloud computing |
| url | https://www.mdpi.com/2079-9292/11/19/3120 |
| work_keys_str_mv | AT sumitbadotra addosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT sarveshtanwar addosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT salilbharany addosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT ateequrrehman addosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT elsayedtageldin addosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT nivinaghamry addosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT muhammadshafiq addosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT sumitbadotra ddosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT sarveshtanwar ddosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT salilbharany ddosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT ateequrrehman ddosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT elsayedtageldin ddosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT nivinaghamry ddosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment AT muhammadshafiq ddosvulnerabilityanalysissystemagainstdistributedsdncontrollersinacloudcomputingenvironment |