Department of Computer Science and Information Systems

Permanent URI for this collectionhttp://localhost:4000/handle/123456789/1928

Browse

Author: search.filters.author.Kulshrestha, RakheeSubject: search.filters.subject.Computer Science

Search Results

Now showing 1 - 2 of 2
  • No Thumbnail Available
    Item
    Modeling and performance evaluation of OpenFlow switches using a MAP/PH/1/n queueing model
    (Elsevier, 2025-07) Shekhawat, Virendra Singh; Kulshrestha, Rakhee
    Software-Defined Networking (SDN) is a paradigm shift in network architecture. It decouples the control plane from the data plane to enable centralized network management and programmability. While Software Defined Networks (SDNs) offer significant advantages by efficient traffic management, it also introduces complexities that require comprehensive network modeling to predict and optimize network behavior before actual deployment. Queueing models provide a mathematical framework for analyzing and predicting how data packets behave as they traverse network devices. This paper presents a discrete-time MAP/PH/1/n queueing model to assess the performance of SDNs in handling complex and bursty traffic patterns. The model integrates packet processing at different switch components, including the switch buffer, ingress processing unit, and egress processing unit. It utilizes a finite buffer queue model with Markovian Arrival Process (MAP) and Phase-Type (PH) service times to capture data transmission behavior at an OpenFlow switch. The matrix geometric method is employed to calculate steady-state probabilities, which helps in evaluating Quality of Service (QoS) metrics such as average delay, throughput, and blocking probabilities. In addition, the mathematical model formulates performance measures, including probabilities for packet forwarding, packet drop, and packets redirected to the controller. We validated our model’s outcomes by conducting packet-based simulations using Mininet and the Ryu controller. The graphs obtained from both the mathematical model and the packet simulations demonstrate qualitatively similar behavior of the OpenFlow switch across different traffic rates, buffer sizes, and service rates.
  • No Thumbnail Available
    Item
    DNS Amplification Based DDoS Attacks in SDN Environment: Detection and Mitigation
    (IEEE, 2019) Gupta, Vishal; Kulshrestha, Rakhee
    Domain Name System (DNS) amplification based Distributed Denial of Service (DDoS) attacks have been part of the Internet's history for a long time. Since the inception of Internet protocol, several security measures, improved protocols, and hardware have been developed but there still is not a foolproof way to avoid such DDoS attacks. Attackers have used it to congest networks and servers with the aim of disrupting services which in turn lead to huge financial losses. Software-Defined Network (SDN) environment has evolved as a promising alternative to legacy networks. It essentially gives the underlying network an external controller (brain) which makes respective network layer devices centrally programmable. This gives administrators absolute control over the network, to decide and take action on how each and every packet in the network should move around. It is predicted as the future of computer networking to thwart major cyberattacks with nearly full autonomy on the network. Through this research, it is intended to identify and mitigate DNS Amplification based DDoS attacks in such an environment. A middle-layer third-party solution is proposed to protect an organization's network by offloading the attack to an open flow enabled SDN network. Using a bloom filter as a defense mechanism, detection and mitigation of an attack is done.