الفهرس 
IntroductionOnly 14 pages are availabe for public view
 |  | from | 108 |  |  |
| | | from | 108 | | |
Abstract
Software defined networking is an emerging category of networks in
which the data plane and control plane are separated. This separation of planes
opens the door for designing sophisticated routing algorithms that would
overwhelm the computing power of traditional networking nodes. In this thesis,
we consider the possibility of introducing trusted node into the routing problem.
There are many ways to measure node trust. However, in this thesis, we focus
on denial of service attacks. We develop a hybrid method for detecting denial of
service attacks and incorporate this information in routing decisions so that
nodes that are part of a botnet can be quickly identified and excluded from the
network. The proposed method is flexible enough to allow nodes that have been
suspected of participating in a denial of service attack to be “rehabilitated” if
they cease their malicious behaviour. The technique is also able to detect the
start of a second attack while another one is on-going. Our results indicate that
the proposed method for detecting denial of service attacks performs better than
non-hybrid techniques. Our results in our two scenarios are as follows: the first
scenario that had one attack its Precision is 95%, its recall is 100% and its fmeasure
is 98%. The second scenario that had two attacks its precision is 91%,
its recall is 95% and its f-measure is 93%.