Detección de ataques de denegación de servicio en redes definidas por software
| dc.contributor.advisor | Ferro Escobar, Roberto | |
| dc.contributor.author | Parra Fajardo, Jaime Andres | |
| dc.date.accessioned | 2026-02-02T18:25:17Z | |
| dc.date.available | 2026-02-02T18:25:17Z | |
| dc.date.created | 2025-12-02 | |
| dc.description | Las redes definidas por software son una alternativa innovadora frente a las limitaciones de las arquitecturas de red tradicionales, ofreciendo flexibilidad, programabilidad y una visión global de la topología gracias a la separación del plano de control y el plano de datos. No obstante, esta centralización introduce nuevos retos de seguridad, ya que el controlador se convierte en un punto crítico de vulnerabilidad. Entre las amenazas más relevantes se encuentran los ataques de denegación de servicio (DoS/DDoS), capaces de saturar los recursos del plano de control mediante flujos de tráfico maliciosos y degradar el rendimiento de la red. En este artículo se presenta una revisión de las vulnerabilidades en redes SDN, de las técnicas de detección propuestas en la literatura y de los principales desafíos. A partir de este análisis, se propone un modelo de arquitectura híbrida en dos capas que combina técnicas de detección ligeras para la identificación temprana de anomalías con algoritmos de ML/DL activados bajo demanda para la clasificación del tráfico sospechoso, destacando la necesidad de mecanismos especializados que preserven el desempeño del controlador y optimicen el costo computacional. | |
| dc.description.abstract | Software-Defined Networking (SDN) has emerged as an innovative alternative to traditional network architectures, offering flexibility, programmability, and a global view of topology through the separation of the control and data planes. However, this centralization also introduces new security challenges, as the controller becomes a critical point of vulnerability. Among the most significant threats are Denial-of-Service (DoS/DDoS) attacks, which can exhaust control-plane resources through malicious traffic flows and degrade overall network performance. This article presents a review of vulnerabilities in SDN environments, the main detection techniques proposed in literature and the key current challenges. Based on this analysis, a two-layer hybrid detection architecture is proposed, combining lightweight detection techniques for early anomaly identification with on-demand ML/DL based classifiers for suspicious traffic, highlighting the need for specialized mechanisms that preserve controller performance while optimizing computational cost. | |
| dc.identifier.uri | http://hdl.handle.net/11349/100282 | |
| dc.publisher | Universidad Distrital Francisco José de Caldas | |
| dc.relation.references | G. Zheng, X. Xu, y J. Yan, “SD-CRF: A DoS Attack Detection Method for SDN”, en 2020 IEEE 20th International Conference on Communication Technology (ICCT), Nanning, China: IEEE, oct. 2020, pp. 1116–1120. Doi: 10.1109/ICCT50939.2020.9295801. | |
| dc.relation.references | L. F. Eliyan y R. D. Pietro, “DeMi: A Solution to Detect and Mitigate DoS Attacks in SDN”, IEEE Access, vol. 11, pp. 82477–82495, 2023, Doi: 10.1109/ACCESS.2023.3301994. | |
| dc.relation.references | H. Rathore, A. Samant, y M. Guizani, “A Bio-Inspired Framework to Mitigate DoS Attacks in Software Defined Networking”, en 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), jun. 2019, pp. 1–5. Doi: 10.1109/NTMS.2019.8763818. | |
| dc.relation.references | R. R. Mathew y A. Vidhate, “Adaptive DoS Attack Detection in SDN”, en 2024 International Conference on Emerging Smart Computing and Informatics (ESCI), mar. 2024, pp. 1–5. Doi: 10.1109/ESCI59607.2024.10497358. | |
| dc.relation.references | M. Sinha, “A comprehensive survey of DDoS attack defense systems for different SDN architectures”, Computer Networks, vol. 272, p. 111711, nov. 2025, Doi: 10.1016/j.comnet.2025.111711. | |
| dc.relation.references | A. Shaghaghi, M. A. Kaafar, R. Buyya, y S. Jha, “Software-Defined Network (SDN) Data Plane Security: Issues, Solutions and Future Directions”, el 1 de abril de 2018, arXiv: arXiv:1804.00262. Doi: 10.48550/arXiv.1804.00262. | |
| dc.relation.references | D. Huang, A. Chowdhary, y S. Pisharody, Software-Defined Networking and Security: From Theory to Practice, 1a ed. First edition. | Boca Raton, FL : CRC Press/Taylor & Francis Group, 2018. | Series: Data-enabled engineering: CRC Press, 2018. Doi: 10.1201/9781351210768. | |
| dc.relation.references | P. Gö̈ransson y C. Black, Software defined networks: a comprehensive approach. Amsterdam ; Boston: Elsevier, Morgan Kaufmann, 2014. | |
| dc.relation.references | N. Nisa, A. S. Khan, Z. Ahmad, S. Aqeel, J. Asim, y S. Afzal, “Conceptual Review of DoS Attacks in Software Defined Networks”, en 2022 Applied Informatics International Conference (AiIC), may 2022, pp. 154–158. Doi: 10.1109/AiIC54368.2022.9914598. | |
| dc.relation.references | M. B. Jiménez, D. Fernández, J. E. Rivadeneira, L. Bellido, y A. Cárdenas, “A Survey of the Main Security Issues and Solutions for the SDN Architecture”, IEEE Access, vol. 9, pp. 122016–122038, 2021, Doi: 10.1109/ACCESS.2021.3109564. | |
| dc.relation.references | S. Kumar y S. Gupta, “Security Attacks in Software Defined Networks”, en 2024 International Conference on Sustainable Communication Networks and Application (ICSCNA), dic. 2024, pp. 422–426. Doi: 10.1109/ICSCNA63714.2024.10864029. | |
| dc.relation.references | N. Gude et al., “NOX: towards an operating system for networks”, SIGCOMM Comput. Commun. Rev., vol. 38, núm. 3, pp. 105–110, jul. 2008, Doi: 10.1145/1384609.1384625. | |
| dc.relation.references | “Installing POX — POX Manual Current documentation”. Consultado: el 3 de noviembre de 2025. [En línea]. Disponible en: https://noxrepo.github.io/pox-doc/html/ | |
| dc.relation.references | “Floodlight Documentation - Floodlight Controller - Confluence”. Consultado: el 3 de noviembre de 2025. [En línea]. Disponible en: https://floodlight.atlassian.net/wiki/spaces/floodlightcontroller/overview | |
| dc.relation.references | D. Erickson, “The beacon openflow controller”, en Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, en HotSDN ’13. New York, NY, USA: Association for Computing Machinery, ago. 2013, pp. 13–18. Doi: 10.1145/2491185.2491189. | |
| dc.relation.references | “Kandoo | Proceedings of the first workshop on Hot topics in software defined networks”. Consultado: el 3 de noviembre de 2025. [En línea]. Disponible en: https://dl.acm.org/Doi/10.1145/2342441.2342446 | |
| dc.relation.references | “OpenDaylight”. Consultado: el 3 de noviembre de 2025. [En línea]. Disponible en: https://www.opendaylight.org/ | |
| dc.relation.references | K. Phemius, M. Bouet, y J. Leguay, “DISCO: Distributed multi-domain SDN controllers”, en 2014 IEEE Network Operations and Management Symposium (NOMS), may 2014, pp. 1–4. Doi: 10.1109/NOMS.2014.6838330. | |
| dc.relation.references | “Open Network Operating System (ONOS) SDN Controller for SDN/NFV Solutions”, Open Networking Foundation. Consultado: el 3 de noviembre de 2025. [En línea]. Disponible en: https://opennetworking.org/onos/ | |
| dc.relation.references | A. Tootoonchian y Y. Ganjali, “HyperFlow: A Distributed Control Plane for OpenFlow”. | |
| dc.relation.references | T. Koponen et al., “Onix: A distributed control platform for large-scale production networks”, Proc. OSDI, pp. 1–6, 2010. | |
| dc.relation.references | A. D. Ferguson, A. Guha, C. Liang, R. Fonseca, y S. Krishnamurthi, “Participatory networking: an API for application control of SDNs”, en Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM, Hong Kong China: ACM, ago. 2013, pp. 327–338. Doi: 10.1145/2486001.2486003. | |
| dc.relation.references | V. Pashkov y A. Antipina, “Protection of the Control Plane from DDoS Attacks in Software-Defined Networks”, en 2022 International Conference on Modern Network Technologies (MoNeTec), oct. 2022, pp. 1–7. Doi: 10.1109/MoNeTec55448.2022.9960762 | |
| dc.relation.references | S. Hong, L. Xu, H. Wang, y G. Gu, “Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures”, en Proceedings 2015 Network and Distributed System Security Symposium, San Diego, CA: Internet Society, 2015. Doi: 10.14722/ndss.2015.23283. | |
| dc.relation.references | R. R. Mathew y A. Vidhate, “Adaptive DoS Attack Detection in SDN”, en 2024 International Conference on Emerging Smart Computing and Informatics (ESCI), mar. 2024, pp. 1–5. Doi: 10.1109/ESCI59607.2024.10497358. | |
| dc.relation.references | D. Tang, R. Dai, Y. Yan, K. Li, W. Liang, y Z. Qin, “When SDN Meets Low-rate Threats: A Survey of Attacks and Countermeasures in Programmable Networks”, ACM Comput. Surv., vol. 57, núm. 4, pp. 1–32, abr. 2025, Doi: 10.1145/3704434. | |
| dc.relation.references | M. S. Farooq, S. Riaz, y A. Alvi, “Security and Privacy Issues in Software-Defined Networking (SDN): A Systematic Literature Review”, Electronics, vol. 12, núm. 14, p. 3077, ene. 2023, Doi: 10.3390/electronics12143077. | |
| dc.relation.references | G. Fioravanti, M. G. Spina, y F. De Rango, “Entropy based DDoS Detection in Software Defined Networks”, en 2023 IEEE 20th Consumer Communications & Networking Conference (CCNC), ene. 2023, pp. 636–639. Doi: 10.1109/CCNC51644.2023.10059949. | |
| dc.relation.references | S. N y A. K. V, “Early Detection and Mitigation of DoS Attacks in SDN Controller”, en 2022 International Conference on Intelligent Innovations in Engineering and Technology (ICIIET), sep. 2022, pp. 315–322. Doi: 10.1109/ICIIET55458.2022.9967650. | |
| dc.relation.references | J. Singh y S. Behal, “A Novel Approach for the Detection of DDoS Attacks in SDN using Information Theory Metric”, en 2021 8th International Conference on Computing for Sustainable Global Development (INDIACom), mar. 2021, pp. 512–516. Consultado: el 5 de octubre de 2025. [En línea]. Disponible en: https://ieeexplore.ieee.org/document/9441353/ | |
| dc.relation.references | A. B, S. Babu, y L. V. Namboothiri, “Protecting SDN from DDoS Attacks Using AI Techniques”, en 2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT), jul. 2023, pp. 1–6. Doi: 10.1109/ICCCNT56998.2023.10306891. | |
| dc.relation.references | R. Raj y S. Singh Kang, “Mitigating DDoS Attack using Machine Learning Approach in SDN”, en 2022 4th International Conference on Advances in Computing, Communication Control and Networking (ICAC3N), dic. 2022, pp. 462–467. Doi: 10.1109/ICAC3N56670.2022.10074307. | |
| dc.relation.references | A. K. Kurakula, K. Akhila, M. Bhavya, y M. V. Sai, “Detecting Distributed DoS Attacks on SDN using Machine Learning (ML) Methods”, en 2023 International Conference on Innovative Data Communication Technologies and Application (ICIDCA), mar. 2023, pp. 767–772. Doi: 10.1109/ICIDCA56705.2023.10099680. | |
| dc.relation.references | W. Zhao, H. Sun, y D. Zhang, “Research on DDoS Attack Detection Method Based on Deep Neural Network Model inSDN”, en 2022 International Conference on Networking and Network Applications (NaNA), dic. 2022, pp. 184–188. Doi: 10.1109/NaNA56854.2022.00038. | |
| dc.relation.references | R. F. Fouladi, O. Ermiş, y E. Anarim, “A DDoS attack detection and defense scheme using time-series analysis for SDN”, Journal of Information Security and Applications, vol. 54, p. 102587, oct. 2020, Doi: 10.1016/j.jisa.2020.102587. | |
| dc.relation.references | A. D. S. Ilha, A. C. Lapolli, J. A. Marques, y L. P. Gaspary, “Euclid: A Fully In-Network, P4-Based Approach for Real-Time DDoS Attack Detection and Mitigation”, IEEE Trans. Netw. Serv. Manage., vol. 18, núm. 3, pp. 3121–3139, sep. 2021, Doi: 10.1109/TNSM.2020.3048265. | |
| dc.relation.references | S. Jiang et al., “BSD-Guard: A Collaborative Blockchain-Based Approach for Detection and Mitigation of SDN-Targeted DDoS Attacks”, Security and Communication Networks, vol. 2022, núm. 1, p. 1608689, 2022, Doi: 10.1155/2022/1608689. | |
| dc.relation.references | “(PDF) Enhancing DDoS Attack Detection and Mitigation in SDN Using an Ensemble Online Machine Learning Model”, ResearchGate, Doi: 10.1109/ACCESS.2024.3384398. | |
| dc.relation.references | F. Mvah, V. Kengne Tchendji, C. Tayou Djamegni, A. H. Anwar, D. K. Tosh, y C. Kamhoua, “Countering ARP spoofing attacks in software-defined networks using a game-theoretic approach”, Computers & Security, vol. 139, p. 103696, abr. 2024, Doi: 10.1016/j.cose.2023.103696. | |
| dc.relation.references | M. S. Tok y M. Demirci, “Security analysis of SDN controller-based DHCP services and attack mitigation with DHCPguard”, Computers & Security, vol. 109, p. 102394, oct. 2021, Doi: 10.1016/j.cose.2021.102394. | |
| dc.relation.references | A. I. Hassan, E. A. El Reheem, y S. K. Guirguis, “An entropy and machine learning based approach for DDoS attacks detection in software defined networks”, Sci Rep, vol. 14, núm. 1, p. 18159, ago. 2024, Doi: 10.1038/s41598-024-67984-w. | |
| dc.relation.references | Z. Long y W. Jinsong, “A hybrid method of entropy and SSAE-SVM based DDoS detection and mitigation mechanism in SDN”, Computers & Security, vol. 115, p. 102604, abr. 2022, Doi: 10.1016/j.cose.2022.102604. | |
| dc.rights.acceso | Abierto (Texto Completo) | |
| dc.rights.accessrights | OpenAccess | |
| dc.subject | Ataques de denegación de servicio | |
| dc.subject | OpenFlow | |
| dc.subject | Redes Definidas por Software | |
| dc.subject | Seguridad de redes | |
| dc.subject.keyword | Denial of Service attacks | |
| dc.subject.keyword | Software-Defined Networking | |
| dc.subject.keyword | Network Security | |
| dc.subject.keyword | OpenFlow protocol | |
| dc.title | Detección de ataques de denegación de servicio en redes definidas por software | |
| dc.title.titleenglish | Detection of denial-of-service attacks in software-defined networking | |
| dc.type | bachelorThesis | |
| dc.type.degree | Producción Académica |
Archivos
Bloque de licencias
1 - 1 de 1
No hay miniatura disponible
- Nombre:
- license.txt
- Tamaño:
- 7 KB
- Formato:
- Item-specific license agreed upon to submission
- Descripción: