(CANCELED) Cyber Security Webinar by Dr. Chhagan Lal : Detection and Mitigation of TCP SYN Flood attacks on SDN Controllers
13 april 2021 12:00 t/m 12:45 - Locatie: Zoom | Zet in mijn agenda
Event has been canceled
The talk will be online, and the link is:
https://tudelft.zoom.us/j/92627273600?pwd=Q2w5RVAvZ1dBRitnZ0NUanlqV294dz09
Meeting ID: 926 2727 3600
Passcode: 908474
Speaker: Dr. Chhagan Lal
Abstract
Software-Defined Network (SDN) segregates the control plane and the data plane to bring about a programmable network. The controller at the control plane runs network modules and sets rules for forwarding the packets in the switches that reside at the data plane. Though advantageous in several ways, SDN can fail when the controller is saturated by a flood of TCP SYN packets. SYN flood can be created using malicious spoofing of IP or MAC addresses or flash crowd. The existing solutions to mitigate SYN flood against the controller do not adequately handle MAC spoofing based SYN flood, and these are unable to distinguish between the flash crowd and malicious traffic.
In this talk, I will present a novel mechanism (named AEGIS) that detects and mitigates SYN flood attacks against the SDN controllers. AEGIS runs in the controller, and it regularly checks if there is a performance lag in the controller. If performance degradation is detected, then AEGIS takes it as an indication of SYN flood and identifies whether it is due to spoofed addresses or flash crowd. Once the reason is found, the appropriate mitigation procedure is triggered. AEGIS performance is evaluated on testbed and emulator settings.