Implementation of ICMP flood detection and mitigation system based on software-defined network and sFlow-RT
Dublin Core
Title
Implementation of ICMP flood detection and mitigation system based on software-defined network and sFlow-RT
Subject
Internet control message protocol flood
Network security
OpenFlow
Software-defined networks
sFlow-RT
Description
This study evaluates internet control message protocol (ICMP) flood detection and mitigation in software-defined networks (SDN) using an SDN architecture with sFlow-RT for real-time traffic monitoring. OpenFlow switches and sFlow agents detect malicious patterns, following the prepare, plan, design, implement, operate, optimize (PPDIOO) methodology. Unlike prior approaches, this system leverages SDN programmability and sFlow-RT’s real-time analytics to reduce ICMP packets from 311,130.2 to 99 and latency by 80%, outperforming traditional methods in speed and responsiveness. It ensures network availability, with practical benefits for large-scale networks like internet service providers (ISPs). However, sFlow sampling rates may affect accuracy in high-speed networks, and a single OpenDaylight (ODL) controller limits generalizability. Future work should test alternative controllers and extend to other DDoS types like user datagram protocol (UDP) floods in diverse topologies.
Creator
Rikie Kartadie, Adi Kusjani, Rangga Warsito, Yudhi Kusnanto, Lucia Nugraheni Harnaningrum
Source
Journal homepage: http://journal.uad.ac.id/index.php/TELKOMNIKA
Date
May 10, 2025
Contributor
PERI IRAWAN
Format
PDF
Language
ENGLISH
Type
TEXT
Citation
Rikie Kartadie, Adi Kusjani, Rangga Warsito, Yudhi Kusnanto, Lucia Nugraheni Harnaningrum, “Implementation of ICMP flood detection and mitigation system based on software-defined network and sFlow-RT,” Repository Horizon University Indonesia, accessed January 12, 2026, https://repository.horizon.ac.id/items/show/10043.