Muhammad Reazul Haque, Saw Chin Tan, Zulfadzli Yusoff, Kashif Nisar, Rizaludin Kaspin, Iram Haider, Sana Nisar, J. P. C. Rodrigues, Bhawani Shankar Chowdhry, Muhammad Aslam Uqaili, Satya Prasad Majumder, Danda B. Rawat, Richard Etengu and Rajkumar Buyya
1 Faculty of Computing & Informatics, Multimedia University, Persiaran Multimedia, Cyberjaya, 63100, Selangor, Malaysia
2 Faculty of Engineering, Multimedia University, Persiaran Multimedia, Cyberjaya, 63100, Selangor, Malaysia
3 Faculty of Computing and Informatics, University Malaysia Sabah, Jalan UMS, Kota Kinabalu Sabah, 88400, Malaysia
4 Telekom Malaysia Research & Development, TM Innovation Centre, 63000, Cyberjaya, Selangor, Malaysia
5 Federal University of Piauí (UFPI), Teresina, PI, Brazil
6 Instituto de Telecomunicações, 6201-001, Covilhã, Portugal
7 National Center of Robotics and Automation-Condition Monitoring Systems Lab, MUET, Jamshoro, Pakistan
8 Department of Electrical and Electronic Engineering, BUET, Dhaka, 1205, Bangladesh
9 Department of Electrical Engineering and Computer Science, Data Science and Cybersecurity Center, Howard University, Washington, DC, USA
10 Cloud Computing and Distributed Systems (CLOUDS) Laboratory, School of Computing and Information Systems, The University of Melbourne, Melbourne, VIC 3053, Australia
Abstract: In the design and planning of next-generation Internet of Things (IoT), telecommunication, and satellite communication systems, controller placement is crucial in software-defined networking (SDN). The programmability of the SDN controller is sophisticated for the centralized control system of the entire network. Nevertheless, it creates a significant loophole through which a distributed denial of service (DDoS) attack can manifest straightforwardly. Furthermore, a Distributed Reflected Denial of Service (DRDoS) attack, an unusual DDoS attack, has recently been detected. However, minimal deliberation has been given to this forthcoming single-point-of-failure problem of the SDN infrastructure. Moreover, the frequency of DDoS attacks has recently increased dramatically. In this paper, a smart algorithm for planning SDN smart backup controllers under DDoS attack scenarios is proposed. Our proposed smart algorithm can recommend single or multiple smart backup controllers in the event of a DDoS occurrence. The simulated results obtained validate the proposed algorithm, and the performance analysis achieved 99.99% accuracy in placing the smart backup controller under DDoS attacks within 0.125 to 46508.7 s in SDN.
Keywords: SDN; smart algorithm; RTZLK-DAASCP; DDoS attack; DRDoS
Software-defined networking (SDN) has attained evident quality worldwide since it is agile, programmable [1], and cost-effective, and offers a centralized networking framework, in contrast with the customary traditional computer, telecommunications, and satellite communication frameworks, which are more confounded and harder to oversee. The focal point of SDN engineering is the controller, which mediates among clients and assets to deliver services [2-4]. SDN enables industry operators to reduce operational expenditure (OPEX) and capital expenditure (CAPEX) and create innovative, differentiated services [5]. SDN's principal function is to expedite and improve the network management system with high flexibility and reliability by separating the control plane from the data plane. Moreover, the capability to unlock more innovative opportunities is owed to the network programmability of SDN. Numerous researchers from both industry and academia have been attracted to address SDN issues [6]. The Open Networking Foundation (ONF) states that SDN is a developing design that is dynamic, reasonable, financially savvy, and versatile, making it ideal for the high-bandwidth, dynamic nature of emerging applications [7]. Before SDN was engineered, the goal of making a programmable networking system had long been considered by researchers; for instance, the scientists in [8-14] upheld fast programmable data handling.
The brain of SDN is the controller, which comprises many applications providing unified control functionality through an open application program interface (API) to process network data packets through an open interface. The SDN controller is a coherent control structure that runs the Network Operation System (NOS) [15]. It provides hardware abstractions to the control plane, which can monitor the global view of the network architecture. The kernel brainchild of SDN is to separate the control plane and the data plane [16,17] by creating particular software that allows the operating system of the network (software controller) of SDN to operate on separate hardware (physical controller) [18]. Fig. 1 shows a typical architecture of SDN.
Figure 1: Simplified architecture of SDN [19]
This separation not only provides a significant feature for future networks and telecommunication but also threatens SDN security. SDN is a structure designed to simplify and improve network management with high flexibility by splitting the control plane and data plane [20].
A distributed denial of service (DDoS) attack attempts to make an online service or network unavailable by creating excessive requests from the OpenFlow switch to the controller. The various attack sources include personal computers (PCs), servers, smartphones, alarm systems, cameras, Internet of Things (IoT) devices, and sensors. DDoS attacks can paralyze SDN services by overwhelming servers, network links, and network devices (routers, switches, and controllers) with illegitimate traffic. They can cause either service degradation or complete denial of service, causing huge losses [21]. Fig. 2 illustrates how a DDoS attack operates in general.
Figure 2: DDoS attack on SDN controller
Initially, attackers reach the controller through switches from a PC, smartphone, or IoT sensor by using a botnet or a zombie. As a result, all the devices connected to the victim controller will eventually malfunction. Moreover, an infrastructure-layer device (switch) will typically request new rules from the controller when it cannot handle or forward data packets due to a mismatch in the flow table [22]. Also, a large volume of DDoS attack traffic would occupy the entire bandwidth [23], causing congestion that slows the controller down. Eventually, the controller will malfunction after encountering DDoS attacks continuously. If the controller becomes the victim of a DDoS attack, all the switches connected to that controller will malfunction and be unable to serve legitimate users. Hence, it is necessary to install an alternative controller to serve legitimate users.
The controller is the most critical component in the SDN network. Hence, controller placement in SDN planning is one of the critical criteria for providing uninterrupted services. Lately, it accounted for intimidation based on Distributed Denial of Service (DDoS) or Ransom Denial of Service (RDoS), an attacker professing to attack 'Lazarus'. The attacker was threatening to dispatch a DDoS attack against the customer's entire organization if the owner did not pay the installment within six days. DDoS attacks do not generally come with a payment demand, yet, given that even one hour of downtime can cost organizations up to $100K sometimes, this sort of RDoS attack merits being taken seriously and mitigated against. The highest attacking data packet was 700 GigaByte Per Second (Gbps) or 6,012,951,135,769 bits per second, depicted in Fig. 3 [24].
In the first few weeks of January 2021, DRDoS and RDoS attacks on German organizations and government offices became increasingly frequent. Cybercriminals are utilizing the force of volumetric reflection attacks to coerce enormous ransoms. A Distributed Reflected Denial of Service (DRDoS) attack is an exceptional type of DDoS. In this case, the malicious requests do not originate from the actual attacker or a botnet setup, but from specific Internet services [25]. So the DRDoS attack is an upcoming strong threat for SDN controllers alongside the DDoS attack. Assurance for SDN networks is becoming progressively more essential in the field of security. This condition is being experienced even though SDN can provide a rich network. In any case, SDN simultaneously faces different security challenges [26], for example, DDoS attacks, network hindering, switch information spillage, management classification, and different principal attacks known from traditional networks [27]. Henceforth, it is imperative to deploy various backup controllers to provide non-stop SDN services under different DDoS attacks. Here, we propose a smart algorithm to estimate the number of backup controllers required to be deployed at any specific location or node where DDoS occurred.
Figure 3: Gbps of DDoS attacks per day as observed in 2020
We organized this paper as follows. In the next section, we present related work and the development of our proposed backup controller placement smart algorithm, the Reazul Tan Zul Lee Kashif (called RTZLK) DDoS Attack Aware SDN Smart Controller Placement Algorithm (called DAASCPA). The flowchart of the proposed algorithm is disclosed in Section 3. The proposed smart algorithm is evaluated under various scenarios, and the resulting layout plan diagrams are shown, in Section 4. A vision and future directions are discussed in Section 5. Finally, a conclusion is drawn in Section 6.
First, the authors in [28] proposed SDN controller placement by utilizing the k-median and k-center problems and their related heuristic algorithms. Their work centered on the controller's latency and the controller's reaction time and did not address controller placement under DDoS attack. In [29], the authors raised a standard system to change the connection between the controller and the switches dependent on the conduct of the controller placement problem. The authors in [30] considered the need to augment the reliability of the SDN controllers utilizing heuristic algorithms and brute force. In [31], the authors treated the controller placement problem as minimizing the worst-case latency of the control paths while satisfying the load constraint of the SDN controllers. In [32], without referencing the DDoS attack, the author presented another upgraded model for the placement of SDN controllers as well as switches and links in the SDN. The authors in [33] focused on the need to delineate the weakness of SDN to DDoS attacks in cloud computing. They researched the new inclination and highlight of DDoS attacks in the cloud computing environment and gave a comprehensive measure of walled-in area systems against DDoS attacks utilizing SDN. In [34], the authors presented a DDoS attack safeguard in the form of a DDoS hindering framework utilizing the OpenFlow interface. In light of expeditiousness, flexibility, and exactness, the authors proposed a DDoS attack discovery technique in [35].
The authors in [36] proposed a multi-line SDN controller planning algorithm dependent on the time cut assignment procedure identified with controller placement in SDN. Based on attack traffic, attack scale, and courses of events, the work in [37] addressed the location of DDoS attacks in cloud services. Nevertheless, their proposed algorithm is a simple link to identify attacks that made the controllers break down, which brought about interruptions of services. In [38], the authors presented pSMART, a lightweight, security-mindful service function chain orchestration in a multi-domain NFV/SDN setting, which cannot hold up during a colossal volume of DDoS attack traffic. In [39], the authors proposed algorithms for exact and heuristic assessments, implemented in the Matlab-based POCO framework for Pareto-based Optimal Controller placement. At this point, it does not fulfill the need to offer help during DDoS. The authors in [40] proposed a multi-target ILP definition to derive the related controller position. However, security dangers like DDoS attacks are not considered in order to offer constant types of assistance. In [41], the authors built up a Parameter Optimization Model (POM) for the heuristic figuring applied to the CPP. The heuristic algorithm can sufficiently disentangle the CPP by using the high-level limits procured in POM. The work does not consider components for securing the SDN controller and framework. In [42], the authors proposed a hypothetical idea of smart controller placement for SDN engineering. Essentially, SDN is poised to serve future applications, for example, voice over IP (VoIP) [43-45], fiber optic [46-48], worldwide interoperability for microwave access (WiMAX) [49-51], artificial intelligence (AI) and machine learning (ML) [52], deep learning (DL) [53], and unmanned aerial vehicles (UAV) and autonomous electric vehicles (AEV) through satellite [54]. The above works considered neither an intelligent backup controller algorithm nor the DDoS attack danger. In this paper, we propose a smart algorithm for planning the deployment of SDN controllers under DDoS attack situations, which comprises additional backup controllers in addition to the current controllers to guarantee service to real clients without interruption.
Here, we present a DDoS attack-aware smart controller placement algorithm that comprises additional smart backup controllers in addition to the current controllers to guarantee services for genuine clients without interruption.
R is the number of types of switches in set S; set of switches S = {s1, s2, s3, ..., sR}; AvlS is the available data packet in each switch that needs to be processed by the controller; k is the number of types of controllers in set C; set of controllers C = {c1, c2, c3, ..., ck}; available controllers in set C: c1 = 2, c2 = 1, c3 = 3; PrpC is the processing power of the controller C = c1, c2, c3, ..., ck; PortC is the port of the controller; CoC is the cost of the controller; AvlC is the availability of the controller; m is the number of types of backup controllers; set of smart backup controllers BC = {bc1, bc2, bc3, ..., bm}; Prpbc is the processing power of the backup controller; Portbc is the port of the backup controller; Cobc is the cost of the smart backup controller; Avlbc is the availability of the smart backup controller; w is the number of nodes; n = {n1, n2, n3, ..., nw} is the set of nodes at which to place controllers and smart backup controllers; distance between nodes to place controllers = 200 m; DDoSn is the DDoS attack on node n; Affc = affected controllers in C = {c1, c3}; and Affn = affected nodes in n = {n1, n3}.
The controller and the smart backup controller placement matrices Tcn and TBCn.
1: Start
Initialization:
Set the controller placement matrix Tcn to 0 for controller type c at all nodes n; cp = the controller placement; temporary controller placement list Tcplist = 0; set the smart backup controller placement matrix TBCn to 0 for smart backup controller type b at all nodes n; bcp = the smart backup controller placement; temporary smart backup controller placement list Tbcplist = 0; AvlS = the available data packet in the switch that needs to be processed by the controller; CocMin = the minimum cost of the controllers; CobMin = the minimum cost of the smart backup controllers; cs = controller's subset; SPPcs = the sum of the processing power of the controller's subset; SPortCS = the sum of the ports of the controller's subset; SCoCS = the sum of the cost of the controller's subset; SCoCSMin = the minimum cost of the controller's subset; Reqn = the number of required nodes; P = power set; z[P(C)] = the number of elements (controllers) in the power set.
2: for each item in the controller's set C = {c1, c2, c3, ..., ck}
3: Create a union of sets with the available controllers of each type of controller from set C
c1 ∪ c2 ∪ c3 ... ∪ ck = {c1[1], c1[2], c2[1], c3[1], c3[2], c3[3], ..., ck[k]}
4: Update it in set C = {c1[1], c1[2], c2[1], c3[1], c3[2], c3[3], ..., ck}
5: Create a power set P(C) for the controller set C = {c1[1], c1[2], c2[1], c3[1], c3[2], c3[3], ..., ck}
For set C = {c1[1], c1[2], c2[1], c3[1], c3[2], c3[3], ..., ck}, calculate the following subsets:
Subsets with 0 controllers - ∅ (the empty set)
Subsets with 1 controller - {c1[1]}, {c1[2]}, {c2[1]}, {c3[1]}, {c3[2]}, {c3[3]}, ..., {ck[k]}
Subsets with 2 controllers -
{c1[1], c1[2]}, {c1[1], c2[1]}, {c1[1], c3[1]}, {c1[1], c3[2]}, {c1[1], c3[3]}, {c1[1], ck[k]}, {c1[2], c2[1]}, {c1[2], c3[1]}, {c1[2], c3[2]}, {c1[2], c3[3]}, {c1[2], ck[k]}, {c2[1], c3[1]}, {c2[1], c3[2]}, {c2[1], c3[3]}, {c2[1], ck[k]}, {c3[1], c3[2]}, {c3[1], c3[3]}, {c3[1], ck[k]}, {c3[2], c3[3]}, {c3[2], ck[k]}, {c3[3], ck[k]}
Subsets with k controllers - {c1[1], c1[2], c2[1], c3[1], c3[2], c3[3], ..., ck}
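The instance expansion and power-set enumeration of steps 2-5, carried through to a subset choice, as an added Python example; it is not the authors' AMPL/CPLEX model. The selection rule (the lowest-cost subset whose summed processing power covers AvlS and whose summed ports cover the switch ports) and all numeric values are assumptions constructed for illustration; only the availability counts c1 = 2, c2 = 1, c3 = 3 come from the notation above.

```python
from itertools import combinations

# Constructed sample data (not from the paper). Per type: available count,
# processing power (packets/s), ports, and cost (USD).
CONTROLLERS = {
    "c1": {"avail": 2, "prp": 4000, "port": 8, "cost": 6000},
    "c2": {"avail": 1, "prp": 9000, "port": 16, "cost": 11000},
    "c3": {"avail": 3, "prp": 2500, "port": 4, "cost": 3500},
}
BACKUPS = {
    "bc1": {"avail": 2, "prp": 5000, "port": 8, "cost": 7000},
    "bc2": {"avail": 1, "prp": 12000, "port": 24, "cost": 15000},
}


def expand_instances(types):
    """Steps 2-4: union of the available instances of every type (c1[1], c1[2], ...)."""
    return [(f"{name}[{i}]", name)
            for name, spec in types.items()
            for i in range(1, spec["avail"] + 1)]


def power_set(instances):
    """Step 5: every subset, from the empty set up to the full instance set."""
    for size in range(len(instances) + 1):
        yield from combinations(instances, size)


def subset_totals(subset, types):
    """Return (SPPcs, SPortCS, SCoCS) for one subset of instances."""
    return tuple(sum(types[t][key] for _, t in subset)
                 for key in ("prp", "port", "cost"))


def cheapest_feasible_subset(types, avl_s, ports_needed):
    """Assumed selection rule: lowest-cost subset whose summed processing power
    covers avl_s and whose summed ports cover ports_needed; None if none does."""
    best = None
    for subset in power_set(expand_instances(types)):
        spp, sport, scost = subset_totals(subset, types)
        if spp < avl_s or sport < ports_needed:
            continue  # this subset cannot serve the switches at the node
        if best is None or scost < best[1]:
            best = ([label for label, _ in subset], scost)
    return best


if __name__ == "__main__":
    # Normal operation: 12000 packets/s from switches needing 20 ports.
    print(cheapest_feasible_subset(CONTROLLERS, 12000, 20))
    # Node under DDoS: the affected controllers carried 9000 packets/s on
    # 12 ports, so the same search runs over the backup set BC.
    print(cheapest_feasible_subset(BACKUPS, 9000, 12))
```

The search visits all 2^n subsets of the n controller instances, so its running time doubles with every instance added to the set.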
We illustrate the flowchart of the RTZLK-DAASCP algorithm in Fig. 4.
Figure 4: Flowchart of RTZLK-DAASCP algorithm
Our proposed algorithm has been developed using A Mathematical Programming Language (AMPL) [55], which supports formulation, testing and deployment, and IBM ILOG CPLEX [56], on a machine with an Intel(R) Core(TM) i7-6700 CPU @ 3.40 GHz, 8 GB RAM, and 128 GB virtual memory. The proposed smart algorithm is evaluated in several different scenarios. The data obtained from the results are presented in Tabs. 1-4. The diagrams from the results show the connections between the controller and a smart backup controller, controllers to controllers, DDoS attacks, and controllers to switches under four typical practical networks, given in Figs. 5-8.
Table 1: Four SDN controllers placement with 9 switches without DDoS attack
Table 2: Two SDN controllers placed with 3 switches with 1 backup controller under DDoS attack
All four of the above DDoS attack scenarios demonstrated that our smart algorithm could guarantee that SDN operation is uninterrupted even under different frequencies of DDoS attack by placing extra smart backup controllers in addition to the existing SDN controllers.
Table 3: Eight SDN controllers placement with 13 switches and 1 backup controller under DDoS attack
Table 4: Five SDN controllers placement with 9 switches and 7 backup controllers under DDoS attack
The cost with respect to the frequency of attacks is plotted in Fig. 9. The cost ranges from USD 30,000 for no attack to around USD 50,000 for the triple attack. It can be concluded that the cost is lowest for a low attack frequency, medium for a medium attack, and higher for a higher attack. Compared to the recently proposed Lightweight algorithm [57] and boosting algorithm [58], the results obtained show that our proposed RTZLK-DAASCP smart algorithm provides uninterrupted SDN services against DDoS attacks with high accuracy and minimum cost.
Figure 5: Diagram from the result data of Tab. 1
Figure 6: Diagram from the result data of Tab. 2
The impact of the design and planning of SDN infrastructure varies across different geo-locations. It is necessary to implement the proposed algorithm in real heterogeneous network topologies based on heterogeneous geo-locations.
Figure 7: Diagram from the result data of Tab. 3
IoT devices and sensors, computers, ISPs, telecommunication, satellite communication, and datacenter networking systems need SDN to empower dynamic provisioning, advanced network usage, and the creation of new sources of income.
In SDN deployment, there are additional challenges that we should address. One such challenge is that many ISPs, telecommunication or satellite communication operators, and equipment manufacturers will require extra preparation, training and operational tools to exploit SDN and, ultimately, to streamline their tasks; in addition, the SDN control plane must be able to support multi-area, multi-layer resource allocation and optimization. Our proposed model is suitable for planning and deployment in a real-world networking topology for these two geo-locations: IBM (USA) and KREONET (South Korea) [59]. We furnish the diagrams and the real-time dataset [60] from the Internet Topology Zoo, converted using yEd [61], a powerful diagramming program, as depicted in Figs. 10 and 11.
Figure 8: Diagram from the result data of Tab. 4
Figure 9: The total expense for single or multiple smart backup controllers placements
5.2.1 Geo Location: IBM (USA)
Figure 10: The real topology diagram of IBM (USA), data executed by using yEd
5.2.2 Geo Location: KREONET (South Korea)
Figure 11: The real topology diagram of KREONET (South Korea), data converted by using yEd
The outcomes obtained from our proposed RTZLK-DAASCP smart algorithm show that we have accomplished the target of minimizing the total cost by optimizing the requirement for multiple backup controllers depending on hypothetical frequencies of DDoS attack. The obtained results show that one smart backup controller is installed at a specific location if a single attack happens in SDN. A few smart backup controllers will be placed if the SDN experiences double or triple attacks. The findings show that the proposed smart controller is agile in confronting DDoS attacks by placing a smart backup controller at fitting nodes to guarantee that service to legitimate SDN clients stays continuous. The principal complexity of the smart algorithm is that it will require more time to plan and design any large-scale SDN. In future work, we will extend the proposed smart algorithm to the deployment of Next Generation SDN (NG-SDN) infrastructure. We will develop the RTZLK-DAA smart controller using DevOps and Mendix via IBM cloud access to the most advanced quantum computers and Google Quantum AI to resist DRDoS types of attack. This new research will be a milestone for the future design and planning of IoT, telecommunication, and satellite communication systems using SDN.
Acknowledgement: The authors would like to thank the editors of CMC and the anonymous reviewers for their time and review of this manuscript, and Professor Dr. Yong-Jin Park (IEEE Life member and former Director, IEEE Region 10) for valuable comments and suggestions on improving the paper.
Funding Statement: TM R&D Sdn Bhd fully supports this research work under Project RDTC160902. S. C. Tan and Z. Yusoff received the fund. Sponsors' Website: https://www.tmrnd.com.my.
Conflicts of Interest: The authors declare that they have no conflicts of interest to report regarding the present study.
Computers, Materials & Continua, 2022, Issue 1