Published January 1, 2018 | Version v1
Journal article Open

JESS: Joint Entropy-Based DDoS Defense Scheme in SDN

  • 1. Univ Oxford, Dept Comp Sci, Oxford OX1 2JD, England
  • 2. Bogazici Univ, Dept Comp Engn, TR-34342 Istanbul, Turkey
  • 3. Zurich Univ Appl Sci ZHAW, Inst Appl Informat Technol InIT, CH-8401 Winterthur, Switzerland

Description

Software-defined networking (SDN) is a communication paradigm that brings cost efficiency and flexibility through software-defined functions resident on centralized controllers. Although SDN applications are introduced in a limited scope with related technologies still under development, operational SDN networks already face major security threats. Therefore, comprehensive and efficient solutions are crucial. Large-scale security threats such as distributed denial-of-service (DDoS) attacks, especially, jeopardize the safety and availability of data and services in these systems. A DDoS attack aims to make resources unavailable to legitimate users by overloading systems with excessive superfluous traffic from distributed sources. In this paper, we describe and evaluate a joint entropy-based security scheme (JESS) to enhance SDN security, with the aim of reinforcing the SDN architecture against DDoS attacks. In particular, our proposed model devises a statistical solution to detect and mitigate these hazards. To the best of our knowledge, JESS is the first model that utilizes joint entropy for DDoS detection and mitigation in the SDN environment. Since it relies on a statistical model, it mitigates not only known attacks but also unfamiliar types in an efficient manner.
