Summary
Design flaws and vulnerabilities inherent to network protocols, devices, and services make Distributed Denial of Service (DDoS) a persistent threat in cyberspace, despite decades of research in the area. The historical vertical integration of traditional IP networks limited the solution space, forcing researchers to tweak network protocols while maintaining global compatibility and proper service to legitimate flows. The advent of Software-Defined Networking (SDN) and advances in Programmable Data Planes (PDP) changed the state of affairs and brought novel possibilities for dealing with such attacks. In short, the ability to consolidate network intelligence in a control plane while offloading flow-processing tasks to the forwarding plane opened up unprecedented opportunities for network security researchers. In this article, we dive into recent research that relies on SDN and PDP to detect, mitigate, and prevent DDoS attacks. Our literature review adopts the SDN layered view defined in RFC 7426 and focuses on the data, control, and application planes. We follow a systematic methodology to capture related articles and organize them into a taxonomy of DDoS defense mechanisms along three facets: activity level, deployment location, and cooperation degree. From the analysis of existing work, we also highlight key research gaps that may foster future research in the field.
Summary
Software-Defined Networking (SDN) is a paradigm that separates the control plane from the data plane, offering advantages such as flexibility and programmability. From a security perspective, however, SDN also introduces new vulnerabilities because of the communication required between these planes. SYN flood attacks are typical distributed denial-of-service (DDoS) attacks that especially challenge network administrators, since they create a large volume of half-open TCP connections at a target and compromise its availability. Most current solutions to detect and mitigate these attacks are designed to operate at the control plane, imposing additional overhead on controller functions. Moreover, traffic-blocking mechanisms, a widely used alternative to protect network resources, have the drawback of also restricting legitimate traffic. This work proposes DataPlane-ML, an integrated solution to detect and mitigate DDoS attacks in SDN that acts directly in the data plane. DataPlane-ML uses machine learning techniques for attack detection and a mitigation scheme based on node reputation to avoid blocking legitimate traffic during an attack. Experimental results show that DataPlane-ML detects attacks approximately 26% faster than statistics-based solutions while achieving better accuracy. Moreover, the DataPlane-ML mitigation scheme preserves more than 95% of legitimate traffic during an attack.
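To make the two ideas in this abstract concrete, the following is an added toy model, not DataPlane-ML's code or the authors' implementation: a per-source half-open connection tracker plays the role of the attack detector (a fixed threshold stands in for the paper's machine-learning classifier, which is an assumption of this example), and a simple reputation score (completed handshakes divided by SYNs seen from that source) decides, only while an attack is in progress, which SYNs to drop. All addresses, thresholds, and the traffic trace are constructed for the example.

```python
"""Toy SYN-flood guard: half-open tracking plus reputation-based SYN admission.

Illustrative model only (not DataPlane-ML). The attack detector is a fixed
threshold on half-open connections standing in for an ML classifier, and the
reputation formula is an assumption chosen for this example.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    src: str    # client source address (constructed for the example)
    flags: str  # "S" = client SYN, "A" = final ACK completing the handshake


class SynFloodGuard:
    """Tracks half-open connections per source and admits SYNs by reputation."""

    def __init__(self, half_open_limit: int = 64, min_reputation: float = 0.5):
        self.half_open_limit = half_open_limit
        self.min_reputation = min_reputation
        self.syns_seen = defaultdict(int)   # every SYN attempt, admitted or dropped
        self.completed = defaultdict(int)   # handshakes the source actually finished
        self.half_open = defaultdict(int)   # admitted SYNs not yet ACKed (no timeout here)
        self.dropped = defaultdict(int)

    def total_half_open(self) -> int:
        return sum(self.half_open.values())

    def under_attack(self) -> bool:
        # Stand-in for the ML detector: too many half-open connections at the target.
        return self.total_half_open() > self.half_open_limit

    def reputation(self, src: str) -> float:
        # Fraction of this source's SYNs that became completed handshakes;
        # a never-seen source has no history and scores 0.0.
        seen = self.syns_seen[src]
        return self.completed[src] / seen if seen else 0.0

    def process(self, seg: Segment) -> bool:
        """Return True if the segment is forwarded, False if it is dropped."""
        if seg.flags == "S":
            self.syns_seen[seg.src] += 1
            # Mitigation is reputation-based and only active during an attack,
            # so well-behaved sources keep flowing instead of being blanket-blocked.
            if self.under_attack() and self.reputation(seg.src) < self.min_reputation:
                self.dropped[seg.src] += 1
                return False
            self.half_open[seg.src] += 1
            return True
        if seg.flags == "A" and self.half_open[seg.src] > 0:
            # Third handshake packet: the connection is no longer half-open.
            self.half_open[seg.src] -= 1
            self.completed[seg.src] += 1
        return True


def run_scenario() -> dict:
    """Constructed trace: three legitimate hosts, then five bots flooding SYNs."""
    guard = SynFloodGuard(half_open_limit=64, min_reputation=0.5)
    legit = ["10.0.0.1", "10.0.0.2", "10.0.0.3"]
    bots = [f"198.51.100.{i}" for i in range(1, 6)]
    trace = []
    for _ in range(5):                       # warm-up: legit hosts complete handshakes
        for h in legit:
            trace += [Segment(h, "S"), Segment(h, "A")]
    for i in range(100):                     # flood: bots send SYNs and never ACK
        trace += [Segment(b, "S") for b in bots]
        if i % 10 == 0:                      # legit traffic continues during the flood
            for h in legit:
                trace += [Segment(h, "S"), Segment(h, "A")]

    legit_syn = legit_fwd = bot_syn = bot_fwd = 0
    for seg in trace:
        forwarded = guard.process(seg)
        if seg.flags != "S":
            continue
        if seg.src in legit:
            legit_syn, legit_fwd = legit_syn + 1, legit_fwd + forwarded
        else:
            bot_syn, bot_fwd = bot_syn + 1, bot_fwd + forwarded
    return {
        "attack_detected": guard.under_attack(),
        "legit_preserved": legit_fwd / legit_syn,   # 1.0 in this trace
        "bot_admitted": bot_fwd / bot_syn,          # 0.13 (65 of 500, before detection)
    }


if __name__ == "__main__":
    print(run_scenario())
```

Two caveats the model makes visible: the bots' first 65 SYNs get through before the half-open count crosses the threshold, so detection latency directly bounds the damage (hence the abstract's emphasis on detection speed), and a legitimate host that first appears during the attack has no history, scores 0.0, and is dropped; that is the residual loss of legitimate traffic a reputation scheme trades for not blocking known-good sources. A real data-plane implementation would also age out half-open entries rather than let the counter grow forever.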