Top

Mobile Networks and Applications

Published in:

04-06-2020

Collaborative Detection and Mitigation of Distributed Denial-of-Service Attacks on Software-Defined Network

Authors: Omer Elsier Tayfour, Muhammad Nadzir Marsono

Published in: Mobile Networks and Applications | Issue 4/2020

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

This paper presents a collaborative technique to detect and mitigate Distributed Denial-of-Service (DDoS) flooding attacks on Software-Defined Network (SDN). This technique integrates sflow-RT application and Snort rules for the detection of DDoS traffic flows in an SDN controller. Redis Simple Message Queue (RSMQ) acts as a mechanism to share DDoS detection and mitigation rules among multiple Ryus SDN controllers. The rule-sharing allows a reduction of the controller’s overhead for processing DDoS detection and mitigation. The experimental results show that using the RSMQ mechanism can significantly detect and prevent DDoS attacks detection across multi-controller domains. It also provides early detection and mitigation of DDoS at lower controller overhead.

previous article Healthcare Services Monitoring in Cloud Using Secure and Robust Healthcare-Based BLOCKCHAIN(SRHB)Approach

next article Editorial: Collaborative Computing for Data-Driven Systems

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

inform now

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

inform now

Yan Q, Yu FR (2015). Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Communications Magazine 53(4):52–9

Yao Z, Yan Z (2016). Security in software-defined-networking: A survey. In: International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage. Springer, Cham pp 319–332

Rodrigues B, Bocek T, Lareida A, Hausheer D, Rafati S, Stiller B (2017). A blockchain-based architecture for collaborative DDoS mitigation with smart contracts. In: IFIP International Conference on Autonomous Infrastructure, Management and Security. Springer, Cham pp 16–29

4. François J, Aib I, Boutaba R (2012). FireCol: a collaborative protection network for the detection of flooding DDoS attacks. IEEE/ACM Trans Networking 20(6):1828–41

Mubarakali A, Alqahtani AS (2019). A Survey: Security Threats and Countermeasures in Software Defined Networking. In: 2nd International Conference on Information and Computer Technologies (ICICT). IEEE pp 180–185

Dayal N, Srivastava S (2017). Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN. In: 9th International Conference on Communication Systems and Networks (COMSNETS). IEEE pp 274–281

Srinivasan K, Mubarakali A, Alqahtani AS, Kumar AD (2019). A Survey on the Impact of DDoS Attacks in Cloud Computing: Prevention, Detection and Mitigation Techniques. In: Intelligent Communication Technologies and Virtual Mobile Networks. Springer, Cham pp 252–270

Conti M, Gangwal A, Gaur MS (2017). A comprehensive and effective mechanism for DDoS detection in SDN. In: 2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). IEEE pp 1–8

Bawany NZ, Shamsi JA, Salah K (2017). DDoS attack detection and mitigation using SDN: methods, practices, and solutions. Arab J Sci Eng 42(2):425–41

10.

Xing T, Huang D, Xu L, Chung CJ, Khatkar P (2013). Snortflow: A OpenFlow-based intrusion prevention system in cloud environment. In: 2nd GENI research and educational experiment workshop. IEEE pp 89–92

11.

Chung CJ, Khatkar P, Xing T, Lee J, Huang D (2013). NICE: Network intrusion detection and countermeasure selection in virtual network systems. IEEE Transactions on Dependable and Secure Computing 10(4):198–211

12.

Mousavi SM, St-Hilaire M (2018). Early detection of DDoS attacks against software defined network controllers. J Netw Syst Manag 26(3):573–91

13.

Kokila RT, Selvi ST, Govindarajan K (2014). DDoS detection and analysis in SDN-based environment using support vector machine classifier. In: Sixth International Conference on Advanced Computing (ICoAC). IEEE pp 205–210

14.

Nanda S, Zafari F, DeCusatis C, Wedaa E, Yang B (2016). Predicting network attack patterns in SDN using machine learning approach. In: Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). IEEE pp 167–172

15.

Afaq M, Rehman S, Song WC (2015). Large flows detection, marking, and mitigation based on sFlow standard in SDN. Journal of Korea Multimedia Society 18(2):189–98

16.

Baucke S, Mestery K, Shaikh A, Wright C (2013). Opendaylight: An open source SDN for your openstack cloud. In: An Open-Stack Summit, Hong Kong

17.

Goransson P, Black C, Culver T (2016). Software defined networks: a comprehensive approach. Morgan Kaufmann

18.

Von Ahn L, Blum M, Hopper NJ, Langford J (2003). CAPTCHA: Using hard AI problems for security. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg pp 294–311

19.

Piedrahita AF, Rueda S, Mattos DM, Duarte OC (2015). FlowFence: a denial of service defense system for software defined networking. In: Global Information Infrastructure and Networking Symposium (GIIS). IEEE pp 1–6

20.

Chen Z, Han F, Cao J, Jiang X, Chen S (2013). Cloud computing-based forensic analysis for collaborative network security management system. Tsinghua Sci Technol 18(1):40–50

21.

Hameed S, Khan HA (2017). Leveraging SDN for collaborative DDoS mitigation. In: International Conference on Networked Systems (NetSys). IEEE pp 1–6

22.

Macedo R, de Castro R, Santos A, Ghamri-Doudane Y, Nogueira M (2016). Self-organized SDN controller cluster conformations against DDoS attacks effects. In: Global Communications Conference (GLOBECOM). IEEE pp 1–6

23.

Rashidi B, Fung C. CoFence (2016): A collaborative DDoS defence using network function virtualization. In: 12th International Conference on Network and Service Management (CNSM). IEEE pp 160–166

24.

Muqaddas AS, Bianco A, Giaccone P, Maier G (2016). Inter-controller traffic in ONOS clusters for SDN networks. In: International Conference on Communications (ICC). IEEE pp 1–6

25.

Yang X, Han B, Sun Z, Huang J (2017). SDN-based DDoS attack detection with cross-plane collaboration and lightweight flow monitoring. In: Global Communications Conference (GLOBECOM). IEEE pp 1–6

26.

https://redis.io/topics/pubsub

Title: Collaborative Detection and Mitigation of Distributed Denial-of-Service Attacks on Software-Defined Network
Authors: Omer Elsier Tayfour
Muhammad Nadzir Marsono
Publication date: 04-06-2020
Publisher: Springer US
Published in: Mobile Networks and Applications / Issue 4/2020
Print ISSN: 1383-469X
Electronic ISSN: 1572-8153
DOI: https://doi.org/10.1007/s11036-020-01552-0

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelektronik

ATZelectronics worldwide

Other articles of this Issue 4/2020

A Pricing Approach Toward Incentive Mechanisms for Participant Mobile Crowdsensing in Edge Computing

Radar Signal Recognition Based on Transfer Learning and Feature Fusion

Cloud Marginal Resource Allocation: A Decision Support Model

Artificial Intelligence Clone Generated Content toward Robot Creativity and Machine Mindfulness

A Multi-Agent Simulation Method of Urban Land Layout Structure Based on FPGA

Adaptive Extraction and Refinement of Marine Lanes from Crowdsourced Trajectory Data