Software-defined Networking Based DDoS Defense Mechanisms

Swami, Rochak; Dave, Mayank; Ranga, Virender

doi:10.36227/techrxiv.12720482

Cited by 7 publications

(12 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Multiple bots (network nodes compromised and controlled by an attacker) are often used to launch DDoS attacks. Direct attacks on a victim typically use flooding in which many packets are sent from multiple bots to the victim; examples include TCP SYN floods, UDP floods, ICMP floods, and HTTP floods [24].…”

Section: A Ddos Attack Types and Known Solutionsmentioning

confidence: 99%

“…Another tactic used in DDoS attacks is amplification: the attacker sends requests to network service providers such as Domain Name System (DNS) servers or network time providers (NTP) spoofing victim's IP address as the source IP address so that the responses, which are typically several times larger than the queries/requests, are sent to the victim [24]. In addition, protocol exploitation attacks like TCP SYN flooding can be performed on the victim infrastructure by taking advantage of TCP connection establishment mechanism and sending the flood of TCP SYN packets with no ACK responses to consume the victim machine resources [25].…”

Section: A Ddos Attack Types and Known Solutionsmentioning

confidence: 99%

See 1 more Smart Citation

The role of Blockchain in DDoS attacks mitigation: techniques, open challenges and future directions

Chaganti¹,

Bhushan²,

Sowmya³

2022

Preprint

View full text Add to dashboard Cite

With the proliferation of new technologies such as Internet of Things (IOT) and Software-Defined Networking (SDN) in the recent years, the distributed denial of service (DDoS) attack vector has broadened and opened new opportunities for more sophisticated DDoS attacks on the targeted victims. The new attack vector includes unsecured and vulnerable IoT devices connected to the internet, denial of service vulnerabilities like southbound channel saturation in the SDN architecture. Given the high-volume and pervasive nature of these attacks, it is beneficial for stakeholders to collaborate in detecting and mitigating the denial of service attacks in a timely manner. The blockchain technology is considered to improve the security aspects owing to the decentralized design, secured distributed storage and privacy. A thorough exploration and classification of blockchain techniques used for DDoS attack mitigation is not explored in the prior art. This paper reviews and categorizes the existed state-of-the-art DDoS mitigation solutions based on blockchain technology. The DDoS mitigation techniques are classified based on the solution deployment location i.e. network based, near attacker location, near victim location and hybrid solutions in the network architecture with emphasis on the IoT and SDN architectures. Additionally, based on our study, the research challenges and future directions to implement the blockchain based DDoS mitigation solutions are discussed. We believe that this paper could serve as a starting point and reference resource for future researchers working on denial of service attacks detection and mitigation using blockchain technology.

show abstract

Section: A Ddos Attack Types and Known Solutionsmentioning

confidence: 99%

Section: A Ddos Attack Types and Known Solutionsmentioning

confidence: 99%

The role of Blockchain in DDoS attacks mitigation: techniques, open challenges and future directions

Chaganti¹,

Bhushan²,

Sowmya³

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Most of the current literature available addresses mainly on DDoS protection emphasizing on techniques for preventing of apparently malicious traffic at the network or application layer [24,6,12,5]. There is limited number of literatures that are available to provide deployable solutions specifically for mitigating EDoS attacks in Cloud Computing environment.…”

Section: Existing Edos Mitigation Techniquesmentioning

confidence: 99%

“…Economic Denial of Sustainability (EDoS) is a new breed of security and economical threats to the CC paradigm [22]. Unlike the traditional Distributed Denial of Service (DDoS) [10] which brings down a service by exhausting the resources of a targeted server in traditional setup, EDoS takes advantage of the elasticity feature provided as a cloud service [10,24]. This causes the resources to dynamically scale to meet the demand (because of EDoS attack) resulting in a hefty bill for the customer.…”

Section: Introductionmentioning

confidence: 99%

Performance Analysis of EMM an EDoS Mitigation Technique in Cloud Computing Environment

Singh

Rehman

Manickam

2020

Communications in Computer and Information Science

View full text Add to dashboard Cite

A new variant of the DDoS attack, called Economic Denial of Sustainability (EDoS) attack has emerged. Since the cloud service is based on the pay-per-use model, the EDoS attack endeavors to scale up the resource usage over time to the point the purveyor of the server is financially incapable of sustaining the service due to the incurred unaffordable usage charges. The implication of the EDoS attack is a major security implication as more elastic cloud services are being deployed. Existing techniques to detect and mitigate such attacks are either have low accuracy or ineffective and, in some cases, aggravate the attack even further. Therefore, an enhanced EDoS Mitigation Mechanism (EMM), is proposed to address these shortcomings using OpenFlow and statistical techniques, i.e. Hellinger Distance and Entropy. The experiments clearly depicted that EMM is able to detect and mitigate EDoS attacks with high accuracy and it is effective in terms of resource utilization compared to existing mitigation techniques. Thus, it can be deployed in the cloud environment without the need for additional resource requirements.

show abstract

“…Nevertheless, the literature is evident that SDN-based networks are confronted with varied drastic subtle attacks like Denial of service (DoS), Distributed denial of service (DDoS), Brute force, Web attacks, Botnet etc [7]. Consequently, the security of the SDN controller is of paramount concern that deserves to receive a decent expanse of attention [8], [9]. To detect and mitigate the evolving latest cyber security threats, intelligent learning-based detection mechanisms should be devised.…”

Section: Introductionmentioning

confidence: 99%

Security-Aware Data-Driven Intelligent Transportation Systems

et al. 2021

View full text Add to dashboard Cite

Intelligent transportation systems have been envisioned to bring more intelligence and cooperative sensing to meet the imminent demands of overall improved autonomous transportation. However, dynamic era of modern applications and fixed architecture of legacy Internet needs flexible, innovative, adaptive, and programmable software defined intelligent transportation systems (SD-ITS). The centralized control intelligence of SD-ITS can be a potential primary target of the prevalent cyber threats and attacks that can simply throw the entire network into chaos. The authors propose a DL-driven multi-vector scalable attack detection framework leveraging graphical processing unit (GPU) empowered Bidirectional Long Short-Term Memory (BLSTM) to efficiently tackle exponentially growing diverse sophisticated attacks that primarily target the control unit of the SD-ITS. The proposed technique has been rigorously evaluated with current state-of-the-art publicly available Flow-based dataset (i.e., CICIDS2017) using standard performance metrics. Further, the proposed mechanism is compared with contemporary benchmarks (i.e., DL algorithms). Extensive experimental results exhibit out-performance of the proposed technique in term of detection accuracy with a trivial tradeoff computational complexity. Finally, the study also employed 10-fold cross validation to explicitly show unbiased results.

show abstract

Software-defined Networking Based DDoS Defense Mechanisms

Cited by 7 publications

References 10 publications

The role of Blockchain in DDoS attacks mitigation: techniques, open challenges and future directions

The role of Blockchain in DDoS attacks mitigation: techniques, open challenges and future directions

Performance Analysis of EMM an EDoS Mitigation Technique in Cloud Computing Environment

Security-Aware Data-Driven Intelligent Transportation Systems

Contact Info

Product

Resources

About