4.1 attacks In this attack, the attacker

4.1 Introduction

chapter describes HTTP-based flooding DDoS attacks and how they can harm the
SDN-based environment, also describes SD-Anti-DDoS method and how it can
protect the SDN-based environment. Another section in this chapter describes
the proposed function that added to SD-Anti-DDoS method.

We Will Write a Custom Essay about 4.1 attacks In this attack, the attacker
For You For Only $13.90/page!

order now

4.2 HTTP-based flooding DDoS attacks

HTTP-based DDoS attack is one of the serious DDoS attacks
that based on HTTP protocol. This type of attack is difficult to fix because
it’s packets like legal packets, it attacks its target by sending HTTP requests
that pass throw defense mechanisms as legal packets. It has many types that can
be classified into:

Session flooding attack

In this attack, the attacker sends many session request packet
(usually more than 10 requests per second) to its target that classified as
normal packet, then the target starts processing all these requests until
become unable to process legal requests and lead to flooding26,

Request flooding attacks

          In this attack, the attacker sends
session packets that contains higher number of requests than the normal session
packets that sent by users, this request consume the target server CPU and
memory power and make it unable to process the legal requests26,

Asymmetric attacks

In this attack, the attacker sends session packets that
contains high workload requests, this requests make the target server busy with
this workload and becomes unable to process another requests26,

Slow request/response attack

In this attack, the attacker sends not completed requests slowly,
this requests makes it target server waiting for the rest of the request. Some
of the famous attacks in this type of attack are Slowloris attack (also called
slow headers attack), HTTP fragmentation attack, slow post attack (also called
slow request bodies or R-U-Dead-Yet) attack, and slow reading attack (also
called slow response attack) 26,

4.3 SD-Anti-DDoS

          Software Defined Anti-DDoS
(SD-Anti-DDoS) is new DDoS attack detection, trackback and mitigation method
proposed by Y. Cui, et all 6 in 2016, it’s based
on novel mechanism and Back Propagation Neural Network (BPNN).
The main goal of this method is to detect and mitigate DDoS attacks with lowest
possible load in CPU and low detecting time.

          This method runs depending on (packet
in message), this message is a special message sent from the SDN switch to the
controller that notify about new packet comes to the switch that  does not match flow table flow entries or its
action does not match flow entry explicitly stipulates that should be outputted
to controller. When this message appears, that means the incoming packet in one
of two classifications, the first one is this packet type is legal but unknown
by the switch. The second classification is an attack packet. When the
controller received the message it handles this message and send a (packet out
message) that tell the switch what to do with this packet, if its legal packet
the switch will add its entries to the flow table, else will delete it6.