Acceso al sitio web del Consejo de Políticas de Infraestructura
REVISTA
Future Internet

   
Redirigiendo al acceso original de articulo en 15 segundos...
Inicio  /  Future Internet  /  Vol: 10 Núm: 3 Par: March (2018)  /  Artículo
ARTÍCULO
TITULO

SDN Based Collaborative Scheme for Mitigation of DDoS Attacks

Sufian Hameed and Hassan Ahmed Khan    

Resumen

Software Defined Networking (SDN) has proved itself to be a backbone in the new network design and is quickly becoming an industry standard. The idea of separation of control plane and data plane is the key concept behind SDN. SDN not only allows us to program and monitor our networks but it also helps in mitigating some key network problems. Distributed denial of service (DDoS) attack is among them. In this paper we propose a collaborative DDoS attack mitigation scheme using SDN. We design a secure controller-to-controller (C-to-C) protocol that allows SDN-controllers lying in different autonomous systems (AS) to securely communicate and transfer attack information with each other. This enables efficient notification along the path of an ongoing attack and effective filtering of traffic near the source of attack, thus saving valuable time and network resources. We also introduced three different deployment approaches i.e., linear, central and mesh in our testbed. Based on the experimental results we demonstrate that our SDN based collaborative scheme is fast and reliable in efficiently mitigating DDoS attacks in real time with very small computational footprints.

PÁGINAS
MATERIAS
INFRAESTRUCTURA

 Artículos similares

       
 
Igor Kotenko, Igor Saenko, Andrey Privalov and Oleg Lauta    
The article proposes an approach to ensuring the functioning of Software-Defined Networks (SDN) in cyber attack conditions based on the analytical modeling of cyber attacks using the method of topological transformation of stochastic networks. Unlike oth... ver más

 
Sachin Sharma and Avishek Nag    
The emergence of Software-Defined Networking (SDN) and Network Function Virtualization (NFV) has revolutionized the Internet. Using SDN, network devices can be controlled from a centralized, programmable control plane that is decoupled from their data pl... ver más
Revista: Future Internet

 
Evangelos D. Spyrou, Ioannis Tsoulos and Chrysostomos Stylios    
Software-Defined Networking (SDN) stands as a pivotal paradigm in network implementation, exerting a profound influence on the trajectory of technological advancement. The critical role of security within SDN cannot be overstated, with distributed denial... ver más
Revista: Future Internet

 
Fahad M. Alotaibi and Vassilios G. Vassilakis    
Web attacks pose a significant threat to enterprises, as attackers often target web applications first. Various solutions have been proposed to mitigate and reduce the severity of these threats, such as web application firewalls (WAFs). On the other hand... ver más
Revista: Future Internet

 
Qiwen Tian and Sumiko Miyata    
To detect each network attack in an SDN environment, an attack detection method is proposed based on an analysis of the features of the attack and the change in entropy of each parameter. Entropy is a parameter used in information theory to express a cer... ver más
Revista: IoT