DDoS Attack Detection and Mitigation with Dynamic Firewall Technique

DDoS Attack Detection and Mitigation with Dynamic Firewall Technique

DDoS, DynamicFirewall, SDN, Mininet

Distributed Denial of Service (DDoS) attacks pose significant challenges to network availability and reliability, particularly in dynamic and large-scale environments. This study proposes a dynamic firewall technique implemented via the Ryu Controller within a Software-Defined Networking (SDN) framework to detect and mitigate DDoS attacks in real time. The firewall dynamically analyzes traffic patterns and enforces blocking rules based on abnormal packet volume per source IP. Experimental results demonstrate the system's high effectiveness: the number of SYN Flood and UDP Flood packets received by the server was reduced by over 99% after the firewall was activatedthat dropping from 83,440 to 212 SYN packets and from 404,912 to 100 UDP packets, respectively. Furthermore, the firewall operated without interfering with legitimate traffic, maintaining service integrity and low latency. These findings validate the proposed method’s capability for autonomous, adaptive, and efficient DDoS mitigation. Future work includes integrating machine learning for enhanced anomaly detection, extending the firewall’s scope to multi-vector attacks, and deploying it in more complex network environments such as IoT and edge computing system

Rizki Berkah Saputra1,Ahmad Turmudi Zy2,Wiyanto3

https://ijicom.respati.ac.id/index.php/ijicom/article/view/149/105

nternational Journal of Informatics and Computation (IJICOM)

2025

Fajar bagus W

PDF

English

Text