DEPLOYMENT OF SMART CONTRACTS ON BLOCKCHAIN TECHNOLOGY IN EARLY MITIGATION OF DISTRIBUTED DENIAL OF SERVICE IN SOFTWARE DEFINED NETWORKS
DOI:
https://doi.org/10.4314/njt.v44i1.12Keywords:
Distributed Denial of Service, SDN, Blockchain, Mitigation, Smart ContractsAbstract
The rapid growth of smart and mobile devices that have resulted in content proliferation, server virtualization, and the emergence of cloud services have compelled the communication network industry to re-examine its network topologies. In this work, Distributed Denial of Service (DDoS) attacks are conducted by flooding target systems with traffic, designed to disrupt or suspend internet services for use by legitimate users. These attacks deplete network resources, thereby disabling those services and in turn decreasing the availability of the network. Blockchain technology has emerged as a viable option for DDoS mitigation. This technology has blockchain's core and promising inherent features to combat fatal cyber threats. These features include but are not limited to decentralization, immutability, integrity, anonymity, and verifiability. This work models a Software Defined Network (SDN) that is capable of mitigating DDoS attacks by integrating smart contracts. This offers a security technique that combines SDN and Blockchain to mitigate DDoS attacks at early stage. Intrusion detection and prevention are essential components of a comprehensive network protection strategy and are employed to detect and mitigate DDoS attacks in the SDN. In this paper, a secure network architecture capable of mitigating DDoS attacks in less than a second through the use of Blockchain technology has been presented after deployment. With a maximum of 25 requests per second for a single user and 8,000 compromised nodes, the software defined network successfully mitigated the DDoS at 0.68 seconds.
References
[1] Jammal, M., Singh, T., Shami, A., Asal, R. and Li, Y. N “Software Defined Networking: State of the art and Research Challenges”, Computer Networks, vol.72, pp.74 – 98, 2014. doi.org/10. 1016/j.comnet.2014.07.004
[2] Eliyan, L. F. and Pietro, R. D. “DoS and DDoS Attacks in Software Defined Networks: A Survey of Existing Solutions and Research Challenges”, Future Generation Computer Systems, vol. 122, pp. 149 – 171, 2021. doi.org/ 10.1016/j.future.2021.03.011
[3] Sanjeetha R., Srivastava, S., Kanavalli, A., Pattanaik, A. and Gupta, A. "Mitigation of Combined DDoS Attack on SDN Controller and Primary Server in Software Defined Networks Using a Priority on Traffic Variation," 2020 International Conference for Emerging Technology (INCET), Belgaum, India, June 5 – 7, 2020, pp. 1 – 5. doi.org/10.1109/INCET498 48.2020.9153998
[4] Mahjabin, T., Xiao, Y., Sun, G., and Jiang, W. “A Survey of Distributed Denial of Service Attack, Prevention, and Mitigation Techniques”, International Journal of Distributed Sensor Networks, vol. 13, no. 12, pp. 1 - 33, 2017. doi.org/10.1177/15501477177 41463
[5] Sukhdeve, N. M., Sakhare, A. and Gangwar, S. “Overview of SDN with Blockchain over Cloud Environment”, International Journal of Engineering Research & Technology, vol. 08, no. 12, pp. 279-281, 2019. doi.org/10.17577/IJE RTV8IS120166
[6] Braun, W., and Menth, M. “Software Defined Networking Using OpenFlow: Protocols, Applications and Architectural Design Choices”, Future Internet, vol. 11, pp. 302 – 336, 2014. doi.org/10.3390/fi6020302
[7] Nazario, J. “DDoS Attack Evolution,” Network Security, vol. 2008, pp.7 – 10, 2008. doi.org/10. 1016/S1353-4858(08)70086-2
[8] https://media.kasperskycontenthub.com/wp-co ntent/uploads/sites/43/2022/11/03142348/02-e n-ddos-q3-2022.png ddos-attacks-in-q3 2022 access 13 January 2025.
[9] Assis, M., Novaes, M., Zerbini, C., Carvalho, L., Abrao, T. and Proenca, M. “Fast Defense System Against Attacks in Software Defined Networks”, IEEE Access, vol. 6, pp. 69620 – 69639, 2018. doi.org/10.1109/ACCESS.2018. 2878576
[10] YuHunag, C., MinChi, T., YaoTing, C., YuChieh, C., and YanRen, C. “A Novel Design for Future On-demand Service and Security,” International Conference on Communication Technology Proceedings, ICCT, Nanjing, China, November 11-14, 2010, pp. 385-388. doi.org/10.1109/ICCT.2010.5689156
[11] Braga, R., Mota, E., and Passito, A. "Lightweight DDoS Flooding Attack Detection Using NOX/OpenFlow," IEEE Local Computer Network Conference, Denver, CO, USA, 2010, pp. 408-415. doi.org/10.1109/ LCN.2010.5735752
[12] Porras, P., Seungwon, S., Yegneswaran, V., Fong, M., Tyson, M. and Gu, G. “A Security Enforcement Kernel for OpenFlow Networ-ks”, Proceedings of the first workshop on Hot topics in software defined networks, pp. 121–126, 2012. doi.org/10.1145/2342441.2342466
[13] Behal, S. and Kumor, K. “Detection of DDoS Attacks and Flash Events Using Novel Information Theory Metrics”, Computer Networks, vol. 116, pp.96 – 110, 2017. doi.org/ 10.1016/j.comnet.2017.02.015
[14] Xiang, Y., Li, K., and Zhou, W. “Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics”, Transactions on Information Forensics and Security, vol. 6, no. 2, pp. 426-437, 2011. doi.org/10.1109/ TIFS.2011.2107320
[15] Xiang, Y., Lin, Y., Lei, W. L. and Haug, S. J. “Detecting DDOS Attack Based on Network Self-similarity”, Communications, IEE Procee-dings, vol. 151, pp. 292-295, 2004. doi.org/10. 1049/ip-com:20040526
[16] Bhuyan, M. H., Bhattacharyya, D. K., and Kalita, J. K. "Information Metrics for Low-rate DDoS Attack Detection: A comparative evaluation", 2014 Seventh International Conference on Contemporary Computing (IC3), Noida, India, 2014, pp. 80-84. doi.org/ 10.1109/IC3.2014.6897151
[17] Chonka, A., Singh, J., and Zhou, W. “Chaos Theory-based Detection Against Network Mimicking DDoS Attacks”, IEEE Communications Letters, vol. 13, pp. 717-719, 2009. DOI:doi.org/10.1109/LCOMM.2009.09 0615
[18] Chen, Y., Ma, X., and Wu, X. “DDoS Detection Algorithm Based on Preprocessing Network Traffic Predicted Method and Chaos Theory”, IEEE Communications Letters, vol. 17, pp. 1052-1054, 2013. doi.org/10.1109/LCOMM.20 13.031913.130066
[19] Xie, Y., and Yu, S. Z. "Monitoring the Application-Layer DDoS Attacks for Popular Websites", in IEEE/ACM Transactions on Networking, vol. 17, no. 1, pp. 15-25, 2009. doi.org/10.1109/TNET.2008.925628
[20] Luo, H., Lin, Y., Zhang H., and Zukerman, M. "Preventing DDoS Attacks by Identifier/ Locator Separation", IEEE Network, vol. 27, no. 6, pp. 60-65, 2013. doi.org/10.1109/MNET.20 13.6678928
[21] Almakhour, M., Wehby, A., Sliman, L., Samhat, A. E., and Mellouk, A. "Smart Contract Based Solution for Secure Distributed SDN", 11th IFIP International Conference on New Technologies, Mobility and Security (NTMS), Paris, France, pp. 1-6, 2021. doi.org/ 10.1109/NTMS49979.2021.9432647
[22] Abdulkarem, H., and Dawod, A. "DDoS Attack Detection and Mitigation at SDN Data Plane Layer," 2020 2nd Global Power, Energy and Communication Conference (GPECOM), Izmir, Turkey, pp. 322-326, 2020. doi.org/10.11 09/GPECOM49333.2020.9247850
[23] Giri, N., Jaisinghani, R., Kriplani, R., Ramrakhyani, T. and Bhatia, V. "Distributed Denial of Service (DDoS) Mitigation in Software Defined Network Using Blockchain”, 3rd International conference on IoT in Social, Mobile, Analytics and Cloud (I-SMAC), Palladam, India, pp. 673-678, 2019. doi.org/ 10.1109/I-SMAC47947.2019.9032690
[24] Kumar, S., and Amin, R. “Mitigating Distributed Denial of Service Attack: Blockchain and Software Defined Networking Based Approach, Network Model with Future Research Challenges,” Security and Privacy, vol. 4, no. 4, pp. e163, 2021. doi.org/10.1002/ spy2.163
[25] Sumantra, I., and Gandhi, S. I. "DDoS attack Detection and Mitigation in Software Defined Networks", International Conference on System, Computation, Automation and Networking (ICSCAN), Pondicherry, India, pp. 1-5, 2020. doi.org/10.1109/ICSCAN49426.202 0.9262408
[26] Manso, P., Moura, J., and Serrao, C. “SDN – Based Intrusion Detection System for Early Detection and Mitigation of DDoS Attacks,” Information, vol. 10, no. 106, pp. 1 – 17, 2019. doi.org/10.3390/info10030106
[27] GPC, https://cloud.google.com/gcp?utm_sourc e=google&utm_medium=cpc&utm_campaign=emeange-all-en-bkws-all-all-trial-e-gcp-1010 042&utm_content=text-ad-none-any-DEV_c-C RE_501794636587-ADGP_Hybrid%20%7C% 20BKWS%20-%20EXA%20%Txt%20~%20G eneral%32v2-KWID_43700061569959221-K wd-26415313501-userloc_1010297&utm_term =KW_google%20cloud%20platform-NET_g-P LAC_&gelid=CjwKCAiA7dKMBhBCEiwAO_erFFh_LY7v_4kYzma6nXWOvmioXG_CIEZ41BzDdelT-bbntj4Vs8iv9xoC5foQAvD_Bw E&gclsrc=aw.ds
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Nigerian Journal of Technology
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
The contents of the articles are the sole opinion of the author(s) and not of NIJOTECH.
NIJOTECH allows open access for distribution of the published articles in any media so long as whole (not part) of articles are distributed.
A copyright and statement of originality documents will need to be filled out clearly and signed prior to publication of an accepted article. The Copyright form can be downloaded from http://nijotech.com/downloads/COPYRIGHT%20FORM.pdf while the Statement of Originality is in http://nijotech.com/downloads/Statement%20of%20Originality.pdf
For articles that were developed from funded research, a clear acknowledgement of such support should be mentioned in the article with relevant references. Authors are expected to provide complete information on the sponsorship and intellectual property rights of the article together with all exceptions.
It is forbidden to publish the same research report in more than one journal.
How to Cite
