![]() | Only 14 pages are availabe for public view |
Abstract Software defined networking is an emerging category of networks in which the data plane and control plane are separated. This separation of planes opens the door for designing sophisticated routing algorithms that would overwhelm the computing power of traditional networking nodes. In this thesis, we consider the possibility of introducing trusted node into the routing problem. There are many ways to measure node trust. However, in this thesis, we focus on denial of service attacks. We develop a hybrid method for detecting denial of service attacks and incorporate this information in routing decisions so that nodes that are part of a botnet can be quickly identified and excluded from the network. The proposed method is flexible enough to allow nodes that have been suspected of participating in a denial of service attack to be “rehabilitated” if they cease their malicious behaviour. The technique is also able to detect the start of a second attack while another one is on-going. Our results indicate that the proposed method for detecting denial of service attacks performs better than non-hybrid techniques. Our results in our two scenarios are as follows: the first scenario that had one attack its Precision is 95%, its recall is 100% and its fmeasure is 98%. The second scenario that had two attacks its precision is 91%, its recall is 95% and its f-measure is 93%. |