Improving DDoS Detection Accuracy Using Six-Sigma in SDN Environment

Achmad Khalif Hakim, Maman Abdurohman, Fazmah Arif Yulianto


This paper proposes the new method for improving the accuracy of detection of DDoS attacks on the SDN by utilizing control plane using Six-Sigma method. Software-Defined Networking (SDN) is a centralized network control system. This system offers flexibility on receiving, processing and forwarding packets between subnetworks. The centralized system of SDN, which separates control plane and data plan, has an immense number of advantages, but it also has the risk of becoming a single point of network failure. Distributed Denial of Service (DDoS) attack is the major issues faced in the security aspect of SDN. This attack can make network resources unreachable by the real packets. The widely known method has been implemented on SDN for avoiding a DDoS attack is Three-Sigma method. Three-Sigma method uses a threshold value to determine the existence of a DDoS attack. However, this method has drawbacks regarding accuracy in determining the DDoS attack. The main contribution of this paper is utilizing central control plane of SDN for improving accuracy on detecting the DDoS attack. Several experiments performed for proving the concept. The result shows the new method can improve the accuracy of detection of a DDoS attack, either in constant or fluctuating traffic, by reducing the false positive. The performance is about 50% more accurate than the previous method.


Software-Defined Networking (SDN); Distributed Denial of Service (DDoS); three-sigma; six-sigma

Full Text:



B. B. Gupta, Manoj Misra, R. C. Joshi, An ISP Level Solution to Combat DDoS Attacks using Combined Statistical Based Approach, 2008.

Mousavi, S.M “Early Detection of DDoS Attacks in Software Defined Networks Controller”. Carleton University. Canada. 2014.

Yadav, A., Radadiya, M., Tilva, M., Rohokale, V. “SDN Control Plan Security in Cloud Computing Against DDOS Attack”. 2016.

C. Dillon, M. Berkelaar , “OpenFlow (D)DoS Mitigation”, 2014

S. Das, G. Parulkar, N. McKeown, “Unifying Packet and Circuit Networks”, Below IP Networking (BIPN), November 2009. (S, G, & N, 2009)

Alvaro Garcia de la Villa, Tuomas Aura, Aapo Kalliola, Distributed Denial of Service Attacks defenses and OpenFlow: Implementing denial-of-service defense mechanisms with software defined networking, 2014.

Saurav Das, Guru Parulkar, Nick McKeown. Unifying Packet and Circuit Switched Networks with OpenFlow. 2009

Siamak Azodolmolky, software defined network with OpenFlow, 2013

Varun Tiwari, Rushit Parekh and Vishal Patel. A Survey on Vulnerabilities of OpenFlow Network and its Impact on SDN/OpenFlow Controller. in World Academics Journal of Engineering Sciences 2014

Wolfgang Braun, Michael Menth, Software-Defined Networking Using OpenFlow: Protocols, Applications and Architectural Design Choices, 2014.

Chun-Yu Hsu, Pang-Wei Tsai, Hou-Yi Chou, Mon-Yen Luo,Chu-Sing Yang, 1A Flow-based Method to Measure Traffic Statistics in Software Defined Network, 2014.

S. Akbar Mehdi, J. Khalid, and S. Ali Khayam, Revisiting Traffic Anomaly Detection using Software-Defined Networkinging, 2011

Open Networking Foundation, OpenFlow Switch Speci_cation v1.0, 2009



  • There are currently no refbacks.

Published by INSIGHT - Indonesian Society for Knowledge and Human Development