A Study on Traffic Asymmetry for Detecting DDoS Attack in P4-based SDN

Ting Yu Lin, Ching Yuan Wang, Ya Pei Tuan, Meng Hsun Tsai, Yean Ru Chen

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)


With the popularity of the Internet, modern people increasingly rely on the Internet to complete a large amount of work, making the security of the Internet more and more important. Among many threats to network security, Distributed Denial-of-Service (DDoS) attacks have always been a problem that researchers want to solve. With the introduction of software-defined networking (SDN), more and more detection methods have been proposed. In this paper, we design a sketch-based method of data collection in the P4-based data plane, which sends less data to controller than the Openflow-based data plane with limited data size. Furthermore, our method collects data of both attackers and victims by asymmetric characteristics of data flows, which contributes to the mitigation of DDoS attacks by inserting rate-limited rules on the data plane. In experiments, our data collection structure can reach the 0.9 or more F1 score, and the number of entries is appropriate, while attack intensities are between 0Mbps to 500Mbps. In the evaluation section, we also present the result of labeling data by the K-means algorithm on the control plane.

Original languageEnglish
Pages (from-to)1265-1283
Number of pages19
JournalJournal of Information Science and Engineering
Issue number6
Publication statusPublished - 2022 Nov

All Science Journal Classification (ASJC) codes

  • Software
  • Human-Computer Interaction
  • Hardware and Architecture
  • Library and Information Sciences
  • Computational Theory and Mathematics


Dive into the research topics of 'A Study on Traffic Asymmetry for Detecting DDoS Attack in P4-based SDN'. Together they form a unique fingerprint.

Cite this