ANALYSIS OF DYNAMIC FLOW SECURITY MANAGEMENT ALGORITHMS IN SOFTWARE-DEFINED NETWORKING (SDN) ENVIRONMENTS
Abstract
While Software-Defined Networking (SDN) offers flexibility by decoupling control and data planes, architectural centralization increases vulnerability to Distributed Denial of Service (DDoS) attacks targeting the core controller. This study evaluates a Shannon entropy-based dynamic filtering model for real-time anomaly isolation within OpenFlow-based SDNs. Simulations utilizing Mininet and the Ryu controller demonstrated that the system identifies anomalous flows in under 12 milliseconds. The algorithmic intervention reduced controller CPU utilization from 98% to 42%, preserving legitimate throughput at 91.5%. Transitioning to dynamic reactionary algorithms represents a fundamental strategic solution for ensuring centralized network continuity.