● To demonstrate the effect of a DDoS attack on the primary server by exhausting the flow table of the switch connected to it.
o This can be done by having hosts connected to the same switch as the primary server send a large number of requests to different destination addresses.
● To identify flow table exhaustion on the switch connected to the primary server.
o This can be done by running a module on the controller that observes the number of requests coming in from the switch per unit of time and the number of rules present in the switch at any given point in time.
● To differentiate between the genuine flow table rules and the attack rules.
o This can be done by running a module on the controller that checks the variation in the destination IP addresses of the flow table rule requests. The variation is higher for attack rules and lower for genuine rules.
● To vary the hard and idle timeout values of the attack flow table rules so as to avoid flow table exhaustion.
o The hard and idle timeout values of the attack flow table rules are reduced to 1 second so that those rules are replaced by new rules and the flow table is not exhausted.
● To demonstrate the effect of the proposed solution during the attack and observe the performance.
o This can be done by measuring parameters such as the delay and throughput of packets sent between the server and the client during the attack scenario, comparing them with the scenario that implements the proposed solution, and plotting graphs to show the results.
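
The classification and timeout objectives above can be sketched as a controller-side check. This is an added example, not the project's own code. Grouping requests per source host, the 5-second window, the threshold of 8 destinations, the 10/30-second timeouts for genuine rules and the sample addresses are all assumptions made for illustration.

```python
from collections import defaultdict, deque

ATTACK_TIMEOUT = 1                 # seconds: the value the page gives attack rules
NORMAL_IDLE, NORMAL_HARD = 10, 30  # seconds: assumed timeouts for genuine rules
WINDOW_MS = 5000                   # assumed observation window
MAX_DISTINCT_DST = 8               # assumed limit on destinations per source


class FlowRequestMonitor:
    """Tracks flow rule requests (packet-in events) per source host."""
    def __init__(self):
        self.recent = defaultdict(deque)  # src_ip -> deque of (time_ms, dst_ip)

    def dst_variation(self, src, now_ms):
        """Number of distinct destinations src requested inside the window."""
        q = self.recent[src]
        while q and now_ms - q[0][0] > WINDOW_MS:
            q.popleft()
        return len({dst for _, dst in q})

    def timeouts_for(self, src, dst, now_ms):
        """Record one request; return (idle_timeout, hard_timeout, is_attack)."""
        self.recent[src].append((now_ms, dst))
        if self.dst_variation(src, now_ms) > MAX_DISTINCT_DST:
            return ATTACK_TIMEOUT, ATTACK_TIMEOUT, True
        return NORMAL_IDLE, NORMAL_HARD, False


def peak_rules(events, mitigate=True):
    """Replay (time_ms, src, dst) requests; return the peak flow table size."""
    mon, table, peak = FlowRequestMonitor(), {}, 0  # table: (src, dst) -> expiry
    for now, src, dst in events:
        table = {k: e for k, e in table.items() if e > now}  # hard timeout only
        _, hard, _ = mon.timeouts_for(src, dst, now)
        if not mitigate:
            hard = NORMAL_HARD  # baseline: every rule keeps the normal timeout
        table[(src, dst)] = now + hard * 1000
        peak = max(peak, len(table))
    return peak


def sample_events():
    """Constructed traffic: one client of the server, one flooding host."""
    genuine = [(t * 1000, "10.0.0.2", "10.0.0.1") for t in range(10)]
    flood = [(i * 50, "10.0.0.3", f"10.0.1.{i + 1}") for i in range(200)]
    return sorted(genuine + flood)


if __name__ == "__main__":
    print(peak_rules(sample_events(), mitigate=False), peak_rules(sample_events()))
```

On the constructed traffic the flow table holds far fewer rules at its peak once the high-variation source is given 1-second timeouts, while the client talking only to the server keeps its normal timeouts.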