International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 05 Issue: 12 | Dec 2018 www.irjet.net p-ISSN: 2395-0072 © 2018, IRJET | Impact Factor value: 7.211 | ISO 9001:2008 Certified Journal | Page 918 Detection of Distributed Denial-of-Service (DDoS) Attack on Software Defined Network (SDN) Mr. Ajinkya Patil 1 , Mr. Pratik Jain 2 , Mr. Ravi Ram 3 , Mr. Venkatesh Vayachal 4 , Prof. S. P. Bendale 5 1,2,3,4 B. E. Student, Dept. of Computer Engineering, NBN Sinhgad School of Engineering, Ambegaon, Pune – 411041, Maharashtra, India 5 Professor, Dept. of Computer. Engineering, NBN Sinhgad School of Engineering, Ambegaon, Pune – 411041, Maharashtra, India ----------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Software Defined Network (SDN for short) enables better network flow, managing network traffic, and optimizing the network to work better than traditional network. Software-defined networking technology is a cloud computing approach that facilitates network management and enables efficient network configuration programmatically to improve the performance of the network and to facilitate monitoring. SDN addresses the fact that the traditional networks have a static architecture which is decentralized and highly complex. The need of current networks is flexibility and easy and efficient troubleshooting. SDN uses the concept of centralization of network intelligence in a single main network component. This is achieved by dissociation of the forwarding process of network packets from the routing process. The rate of development of internet technology is higher than ever. Due to this rapid development, the network flow rates are now higher than ever. In addition, the Distributed Denial-of-Service (DDoS) attacks which poses a major threat to network security are now prevalent. In computer networks, a Denial-of-Service (DoS) attack is a cyber-attack where, the attacker or the mastermind's goal is to make the network resources or a machine (such as Servers, Network Controllers, Access Points, etc.) unable to process the requests of the intended users. The attacker achieves this by disrupting the services of a machine (host) connected to the network. If any host in the network is unable to process or function the requests from users, the network fails. Using functionalities of Mininet such as OpenFlow Switches, Ryu Controllers, Collection Modules and feature extractions we are trying to simulate an SDN (Software Defined Network). A DDoS attack on this network will be simulated. We will try to detect this attack on the network using detection methods based on data mining techniques. Key Words: Software Defined Network (SDN), Denial-of- Service (DoS), Distributed Denial-of-Service (DDoS). 1. INTRODUCTION Software Defined Network (SDN in short), is an architecture that is dynamic, it can adapt to different functionalities such as high-bandwidth, profitable, and can be managed easily compared to traditional network model. [1] Software Defined Networking provides number of benefits, centralized network provisioning, better enterprise management, better security, low operational costs, isolation and traffic control, managing packet forwarding. The SDN suggests a Centralized Network by dividing the architecture into Network Control Plane and Forwarding Plane. The network control plane is directly programmable and consists of one or more controllers which is also considered as Brain of SDN. With the separation of Control Plane, the administrators are able to dynamically adjust traffic flow in the whole network, according to network needs. [2] Administrators can also configure and optimize the network security and secure the network resources with the help of SDN programs. The network implementation, configuration and troubleshooting require high skilled network and system engineers. The system managers can control different components or “layers” (i.e., application, control and data plane), they can allocate resources to network users through application layer, manage the network entities through control plane, and network devices on data plane. The OpenFlow protocol was one of the important elements for building a SDN, it can also be called as OpenFlow framework, first SDN standard. Most of the software defined network have some version of SDN Controller, as well as Southbound APIs and Northbound APIs as shown in Figure 1. The controllers and switches follow OpenFlow standards, and OpenFlow runs between them acting as a communication medium. There are different controller platforms which are open source such as Beacon, OpenDayLight, Floodlight, Open vSwitch. Fig - 1: Software Defined Architecture