Authors: GÖKHAN AKIN, OZAN BÜK, ERDEM UÇAR
Abstract: Online services on the Internet are increasing day by day, and in parallel, the number of cyber-attacks is rapidly increasing. These attacks are not always about data theft, but they can cause severe damage by denial of service attacks. Intrusion Prevention System products that many organizations use at the border of their enterprise networks are not strong enough to protect against DoS attacks. The typical way to mitigate such attacks is to get support from a service provider. However, a service provider only provides solutions for the traffic originating from itself. If the source of attack is in another ISP domain, it is possible to inform that ISP via phone or e-mail. As a result, the source of the attack is blocked by the manual intervention of the service provider whose domain hosts it. Border Gateway Protocol (BGP) based solutions are also available for automating a blocking system, but not all enterprise networks support BGP. In this research, we have developed a centralized automation solution for software defined network (SDN) environments that is capable of preventing cyber-attacks at the source of attack. This solution does not require any BGP support. Non-SDN environments can also use this attack mitigation and notification system. In the long run, we may use this system to create a national protection shield in order to mitigate Cybersecurity attacks.
Keywords: Denial of service, Cyber, Attack, Software defined network, Openflow, Flowspec
Full Text: PDF