Mitigating Denial of Service Attacks in Software Defined Vehicular Networks

Abstract

Software Defined Vehicular Network (SDVN) is a new network architecture inspired by the well-known Vehicular Ad Hoc Network (VANET), applying the concepts of Software Defined Network (SDN). The SDVN proposes a complete data flow management by a module that controls the routing actions. However, it is necessary to verify that the security requirements are still satisfied. We presented two SDVN architecture proposals: (1) Centralized mode, where there is only one controller and the vehicles use LTE and WAVE as interfaces communication and (2) distributed mode, where there are several controllers installed in RSUs and uses only WAVE communication. This work presents the Sentinel, a new defense mechanism in order to detect flooding attack by time series analysis of packet flow and mitigate the attack creating a flow tree to find out the source of spoofed packets. We divided the results between the detection rate of victim vehicles and the efficiency of mitigation method. The algorithm was able to mitigate the attack flow in different scenarios and parameters. However, the speed of vehicles might decrease the efficiency due to the fast change of attack flow. Furthermore, we also propose some improvements to future approaches.