Efficient and Secure Architecture for Mitigating DDoS Attacks in Software-Defined Vehicular Networks

Meryem Chouikik, Mariyam Ouaissa, Mariya Ouaissa, Zakaria Boulouard, Mohamed Kissi

Abstract


Vehicular Ad Hoc Networks (VANETs) and Software-Defined Networking (SDN) have been combined to create SDN-enabled VANET architectures, which provide Intelligent Transportation Systems (ITS) with enhanced resource management, centralized control, and flexibility. However, the centralized control structure introduces new security challenges, notably Distributed Denial of Service (DDoS) attacks, which can significantly impact network stability and availability. In this study, we propose a DDoS detection framework for SDN-enabled VANETs, leveraging the Snort Intrusion Detection System (IDS) to effectively identify and mitigate DDoS threats. Our approach integrates Snort IDS into an SDN architecture based on the RYU controller, where Snort monitors network traffic for anomalies, and the SDN controller enforces dynamic mitigation strategies. The system is implemented using Mininet-WiFi, simulating a vehicular network environment with 10 vehicles nodes and a single RYU SDN controller. Performance evaluation under DDoS attack scenarios is conducted using the iPerf tool to measure key network metrics, including throughput, jitter, and packet loss rate. The results demonstrate that Snort IDS significantly improves network performance: jitter is reduced by up to 35%, packet loss rate decreases from over 40% to 15–25%, and throughput improves from 5–7 Mbps to a stable 10 Mbps. This study also explores the design and deployment of Snort within a Software-Defined Vehicular Network (SDVN) environment for effective DDoS detection and mitigation. By highlighting the importance of robust security mechanisms in SDN-enabled VANET architectures, this work contributes to the development of secure and reliable ITS infrastructures.

Full Text:

PDF

References


Al-shareeda, M. A., Alazzawi, M. A., Anbar, M., Manickam, S., & Al-Ani, A. K. (2021, July). A comprehensive survey on vehicular ad hoc networks (vanets). In 2021 International Conference on Advanced Computer Applications (ACA) (pp. 156-160). IEEE.

Mundhe, P., Verma, S., & Venkatesan, S. J. C. S. R. (2021). A comprehensive survey on authentication and privacy-preserving schemes in VANETs. Computer Science Review, 41, 100411.

Pavithra, T., & Nagabhushana, B. S. (2020, July). A survey on security in VANETs. In 2020 second international conference on inventive research in computing applications (ICIRCA) (pp. 881-889). IEEE.

Mekki, T., Jabri, I., Rachedi, A., & Chaari, L. (2022). Software‐defined networking in vehicular networks: A survey. Transactions on Emerging Telecommunications Technologies, 33(10), e4265.

Sultana, R., Grover, J., & Tripathi, M. (2021). Security of SDN-based vehicular ad hoc networks: State-of-the-art and challenges. Vehicular Communications, 27, 100284.

Nisar, K., Jimson, E. R., Hijazi, M. H. A., Welch, I., Hassan, R., Aman, A. H. M., ... & Khan, S. (2020). A survey on the architecture, application, and security of software defined networking: Challenges and open issues. Internet of Things, 12, 100289.

Arif, M., Wang, G., Geman, O., Balas, V. E., Tao, P., Brezulianu, A., & Chen, J. (2020). Sdn-based vanets, security attacks, applications, and challenges. Applied Sciences, 10(9), 3217.

Mohammed, B. A. (2022). Review on Software-Defined Vehicular Networks (SDVN). IJCSNS, 22(9), 376.

Houmer, M., Ouaissa, M., Ouaissa, M., & Hasnaoui, M. (2020). SE-GPSR: Secured and enhanced greedy perimeter stateless routing protocol for vehicular ad hoc networks.

Houmer, M., Ouaissa, M., & Ouaissa, M. (2022). Secure authentication scheme for 5g-based v2x communications. Procedia Computer Science, 198, 276-281.

Kumar, R., & Agrawal, N. (2023). A survey on software-defined vehicular networks (SDVNs): a security perspective. The Journal of Supercomputing, 79(8), 8368-8400.

Hussein, N. H., Yaw, C. T., Koh, S. P., Tiong, S. K., & Chong, K. H. (2022). A comprehensive survey on vehicular networking: Communications, applications, challenges, and upcoming research directions. IEEE Access, 10, 86127-86180.

Raut, R. M., & Asole, S. (2023, April). A Survey on Security Threats in VANET and Its Solutions. In International Conference on Recent Trends in Artificial Intelligence and IoT (pp. 229-240). Cham: Springer Nature Switzerland.

Sheikh, M. S., Liang, J., & Wang, W. (2019). A survey of security services, attacks, and applications for vehicular ad hoc networks (vanets). Sensors, 19(16), 3589.

Boucetta, S. I., & Johanyák, Z. C. (2022, May). Survey on security attacks in software defined VANETs. In 2022 IEEE 16th International Symposium on Applied Computational Intelligence and Informatics (SACI) (pp. 000185-000190). IEEE.

Ayodele, B., & Buttigieg, V. (2024). SDN as a defence mechanism: a comprehensive survey. International Journal of Information Security, 23(1), 141-185.

Chouikik, M., Ouaissa, M., Ouaissa, M., Boulouard, Z., & Kissi, M. (2022). Software-defined networking security: A comprehensive review. Big Data Analytics and Computational Intelligence for Cybersecurity, 91-108.

Carrascal, D., Rojas, E., Arco, J. M., Lopez-Pajares, D., Alvarez-Horcajo, J., & Carral, J. A. (2023). A comprehensive survey of in-band control in sdn: Challenges and opportunities. Electronics, 12(6), 1265.

Aldaoud, M., Al-Abri, D., Awadalla, M., & Kausar, F. (2023). Leveraging ICN and SDN for future internet architecture: a survey. Electronics, 12(7), 1723.

Maleh, Y., Qasmaoui, Y., El Gholami, K., Sadqi, Y., & Mounir, S. (2023). A comprehensive survey on SDN security: threats, mitigations, and future directions. Journal of Reliable Intelligent Environments, 9(2), 201-239.

Shaji, N. S., & Muthalagu, R. (2023). Survey on security aspects of distributed software-defined networking controllers in an enterprise SD-WLAN. Digital Communications and Networks.

Chouikik, M., Ouaissa, M., Ouaissa, M., Boulouard, Z., & Kissi, M. (2023, July). Impact of DoS attacks in software defined networks. In AIP Conference Proceedings (Vol. 2814, No. 1). AIP Publishing.

Kumar, R., & Agrawal, N. (2023). A survey on software-defined vehicular networks (SDVNs): a security perspective. The Journal of Supercomputing, 79(8), 8368-8400.

Adedeji, K. B., Abu-Mahfouz, A. M., & Kurien, A. M. (2023). DDoS attack and detection methods in internet-enabled networks: Concept, research perspectives, and challenges. Journal of Sensor and Actuator Networks, 12(4), 51.

Chouikik, M., Ouaissa, M., Ouaissa, M., Boulouard, Z., & Kissi, M. (2024). Detection and mitigation of DDoS attacks in SDN based intrusion detection system. Bulletin of Electrical Engineering and Informatics, 13(4), 2750-2757.

Su, Y., Xiong, D., Qian, K., & Wang, Y. (2024). A Comprehensive Survey of Distributed Denial of Service Detection and Mitigation Technologies in Software-Defined Network. Electronics, 13(4), 807.

Deneke, B. B., Beyene, A. M., & Haile, E. A. (2024). Improving Software Defined Network controllers in a multi-vendor environment. Heliyon, 10(4).

Zhang, W., Jing, S., & Zhao, C. (2023, June). A Survey of SDN Data Plane Attacks and Defense Strategies. In Proceedings of the 2023 2nd International Conference on Networks, Communications and Information Technology (pp. 59-65).

Fontes, R. R., Afzal, S., Brito, S. H., Santos, M. A., & Rothenberg, C. E. (2015, November). Mininet-WiFi: Emulating software-defined wireless networks. In 2015 11th International conference on network and service management (CNSM) (pp. 384-389). IEEE.

Fontes, R. D. R., & Rothenberg, C. E. (2016, August). Mininet-wifi: A platform for hybrid physical-virtual software-defined wireless networking research. In Proceedings of the 2016 ACM SIGCOMM Conference (pp. 607-608).

Ram, A., Dutta, M. P., & Chakraborty, S. K. (2024). A Flow-Based Performance Evaluation on RYU SDN Controller. Journal of The Institution of Engineers (India): Series B, 105(2), 203-215.

Zieliński, B. (2023). Assessment of iPerf as a Tool for LAN Throughput Prediction. International Journal of Electronics and Telecommunications, 523-528.




DOI: https://doi.org/10.31449/inf.v49i27.7920

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.