- Instituto Tecnológico y de Estudios Superiores de Monterrey
- Academic Sector
The identification and mitigation of DDoS cyberattacks using technologies such as SDN and artificial intelligence has been studied in recent years, with satisfactory and promising results obtained by training machine learning or deep learning models that act as an IDS deployed on the controller. This research group has been working on this problem in recent years, creating a framework for security automation in an SDN network that allows the identification and mitigation of DDoS attacks. However, one of the big challenges that all AI-based IDSs face is scalability, because the controller becomes overloaded when analyzing a large number of flows. The proposed solution for scalability in SDN attack detection is to relieve the controller of capturing the data streams and extracting the features to send to the IDS; instead, the switches will extract the features from the data streams directly using P4 and send them directly to the IDS for validation, avoiding controller overload.
The objective of this research is to improve the scalability of the current framework by mitigating DDoS attacks in the data plane through the use of AI and P4. In this way, scalability could be improved for complex architectures with a high volume of traffic.
Software-defined networks are now used globally: they are present in the administration of large networks as well as in the creation of dynamic WANs with SD-WAN solutions. The benefit and impact of the research results will therefore be very large, since their coverage is not only our Latin American region but the whole world. Coupled with this, the global increase in cyberattacks makes a solution that helps reduce the number of DDoS attacks not only very useful but highly desirable because of the great impact it will have.