Date of Graduation
5-2025
Document Type
Thesis
Degree Name
Bachelor of Science in Computer Science
Degree Level
Undergraduate
Department
Computer Science and Computer Engineering
Advisor/Mentor
Jin, Kevin
Committee Member
Li, Qinghua
Second Committee Member
Thompson, Dale
Abstract
Given the exponential growth in our infrastructure’s reliance on digital systems and large interconnected networks to operate, cybersecurity efforts have not been able to keep up with vulnerabilities attackers can exploit. Specifically, their reliance on industrial network protocols in Supervisory Control and Data Acquisition (SCADA) systems. These protocols are great in terms of the functionality they provide, but are severely lacking in terms of security, leaving the networks vulnerable to cyberattacks. One of the more common protocols, Distributed Network Protocol 3 (DNP3), is particularly vulnerable to Denial-of-Service type attacks. In this work we explore the use of P4-based programmable networks to detect and mitigate Distributed Denial-of-Service (DDoS) attacks spread across multiple switches on a network. Our approach using P4 switches allows for an in-network solution that does not rely on external controllers to integrate security measures and other functions into the network. P4 allows for complete data plane programmability, enabling us to implement custom detection and mitigation logic for DDoS attacks and facilitating communication between switches.
Keywords
P4; Programmable Networks; SCADA Systems; DNP3; Network Security; DDoS
Citation
Howard, S. (2025). DDoS Detection and Mitigation using Multiple Programmable Switches for Industrial Network Security. Electrical Engineering and Computer Science Undergraduate Honors Theses Retrieved from https://scholarworks.uark.edu/elcsuht/10
