Distributed DoS Attack Detection in SDN: Trade offs in Resource Constrained Wireless Networks

TL;DR

This paper presents a lightweight DoS attack detection algorithm for SDN in resource-constrained wireless networks, achieving high detection accuracy and attacker identification rates through non-parametric change point detection.

Contribution

It introduces a novel, resource-efficient DoS detection method tailored for SDN in constrained environments, balancing detection performance and complexity.

Findings

Detection rates and attacker identification probabilities over 0.93

Effective real-time detection on resource-constrained devices

Trade-off analysis between detection accuracy and complexity

Abstract

The Software-defined networking(SDN) paradigm centralizes control decisions to improve programmability and simplify network management. However, this centralization turns the network vulnerable to denial of service (DoS) attacks, and in the case of resource constrained networks, the vulnerabilities escalate. The main shortcoming in current security solutions is the trade off between detection rate and complexity. In this work, we propose a DoS attack detection algorithm for SDN resource constrained networks, based on recent results on non-parametric real-time change point detection, and lightweight enough to run on individual resource constrained devices. Our experiment results show detection rates and attacker identification probabilities equal or over 0.93.