Performance evaluation of RYU controller under distributed denial of service attacks

Mohammed Ibrahim Kareem, Mahdi Nsaif Jasim, Hussein Ibrahim Hussein, Karrar Ibrahim


Distributed denial of service (DDoS) attacks have been identified as one of the greatest threats to software-defined networking (SDN) because they are highly effective, hard to detect, and easy to use, and they take advantage of vulnerabilities in which the new architecture still exists. This paper describes one technique for denying the RYU controller's services, which can cause the controller's resources to be depleted if a significant number of packets from various zombie hosts are sent to the controller using spoofed source internet protocol (IP) addresses. In order to demonstrate the impact of the attack, we measure various metrics related to RYU controllers such as its central processing unit (CPU) usage and network throughput. In this work, Mininet was used to simulate the data plane and measure metrics such as random access memory (RAM) usage, CPU load, and link latency.


CPU consumption; Distributed denial of service; Link latency; RAM exhaustion; RYU controller; Software-defined networking

Full Text:




  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Indonesian Journal of Electrical Engineering and Computer Science (IJEECS)
p-ISSN: 2502-4752, e-ISSN: 2502-4760
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).

shopify stats IJEECS visitor statistics