Signature-Based Traffic Classification and Mitigation for DDoS Attacks Using Programmable Network Data Planes

Dimolianis, Marinos; Pavlidis, Adam; Maglaris, Vasilis

doi:10.1109/access.2021.3104115

Cited by 27 publications

(11 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Considering that the comprehensive collection of network data made available by PDP opens the door for many possible applications in the network and brings in Artificial Intelligence (AI) to the decisionmaking. Where the AI can have an important role in steering user traffic to the best serving node for lower latency and better Quality of Service (QoS) as in [10], or even provide filtering of traffic based on signatures that are generated from packet features for enhanced detection and mitigation of DDoS attacks [11].…”

Section: Sdn Methodsmentioning

confidence: 99%

P4 Telemetry collector

et al. 2023

View full text Add to dashboard Cite

Section: Sdn Methodsmentioning

confidence: 99%

P4 Telemetry collector

et al. 2023

View full text Add to dashboard Cite

“…It can also predict the class of an application with 97.82% accuracy. Dimolianis et al [ 13 ] have presented an integrated scheme for signature-based traffic classification processing for DDoS protection. With this signature-based scheme, it outperformed traditional IP-based schemes in terms of malicious traffic categorization, cardinality of filtering rules, and packet processing efficiency in high-speed networks.…”

Section: Security Solutions Against Mobile Malware and Threatsmentioning

confidence: 99%

The current state and future of mobile security in the light of the recent mobile security threat reports

Çınar

Kara

2023

Multimed Tools Appl

View full text Add to dashboard Cite

“…The main idea in [16] is to increase resource utilization and support scalability in such a way that the control layer is physically or logically distributed hierarchically in the control layer. Dimolianis et al in [17] proposed an IP-based DDOS protection mechanism in addition to the traditional lter mechanisms that are based on IP rules and increase in proportion to the number of malicious sources.…”

Section: Related Workmentioning

confidence: 99%

A Method for DDOS Attacks Prevention Using SDN and NFV

Shayegan,

Damghanian

2023

Preprint

View full text Add to dashboard Cite

One of the most widespread forms of security attacks in enterprise networks is Distributed Denial-of-Service (DDOS) attacks. The purpose of DDOS attacks is to intentionally disrupt a network by sending a large amount of false requests. A new path for network design and management has been created with the introduction of Network Functions Virtualization (NFV). NFV architectures allow network functions to be defined quite dynamically. Dynamic definitions of network functions provide the best support for organizational environments. The aim of this research is to prevent DDOS attacks using NFV and SDN platforms. The research method uses the Moving Target Defense (MTD) idea to change the network routes and services location for specific detection packets. The MTD prevents attackers from performing DDOS attacks on real network topologies. A major innovation presented in this research is the selection of moving target defense types based on the processing resources of the overlay networks. The results indicates that the proposed method will save these resources and reduce the time required to check packets in networks.

show abstract

Signature-Based Traffic Classification and Mitigation for DDoS Attacks Using Programmable Network Data Planes

Cited by 27 publications

References 25 publications

P4 Telemetry collector

P4 Telemetry collector

The current state and future of mobile security in the light of the recent mobile security threat reports

A Method for DDOS Attacks Prevention Using SDN and NFV

Contact Info

Product

Resources

About