Advertisement

The Journal of Supercomputing

, Volume 75, Issue 8, pp 4829–4874 | Cite as

Toward secure software-defined networks against distributed denial of service attack

  • Kshira Sagar Sahoo
  • Sanjaya Kumar PandaEmail author
  • Sampa Sahoo
  • Bibhudatta Sahoo
  • Ratnakar Dash
Article

Abstract

The newly emerged software-defined networking (SDN) paradigm provides a flexible network management by decoupling the network control logic from the data plane, which could effectively resolve many security issues of legacy networks. One of such security issues is distributed denial of service (DDoS) attack, which is a rapidly growing network threat. This is usually performed on a target system to make an online service unavailable to the users. SDN can easily detect the DDoS attack due to the centralized control provisioning and network visibility. At the same time, the changes of fundamental architecture and the developments of various design entities pose a severe DDoS threat to the SDN platform. This paper presents a concise up-to-date review of security concerns of SDN, possible DDoS attack in individual layers of SDN and ongoing research efforts on SDN-enabled DDoS detection solutions. Based on the findings, an information distance-based flow discriminator framework has been discussed, which can discriminate the DDoS traffic during flash events, a similar looking legitimate traffic, in SDN environment. The information distance metric is used to describe the variations of traffic behavior of such events. The simulation results show that the information distance metric can effectively identify the DDoS traffic in comparison with other metrics with a higher detection rate. The proposed solution can detect the traffic at the edge switch so that the attack alert can be raised at the earliest.

Keywords

Software-defined networking Distributed denial of service attack Security threat Security attack Infrastructure layer Control layer Application layer 

Notes

Acknowledgements

The first version of this paper has appeared in one of the chapters of Handbook of e-Business Security [67]. We would like to thank the anonymous reviewers for their valuable comments and future research directions, which greatly help us to extend this paper.

References

  1. 1.
    Mirkovic J, Reiher P (2004) A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Comput Commun Rev 34(2):39–53CrossRefGoogle Scholar
  2. 2.
    Akhunzada A, Ahmed E, Gani A (2015) Securing software defined networks: taxonomy, requirements and open issues. IEEE Commun Mag 53(4):36–44CrossRefGoogle Scholar
  3. 3.
    Zargar ST, Joshi J, Tipeer D (2013) A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Commun Surv Tutor 15(4):2046–2069CrossRefGoogle Scholar
  4. 4.
    Shtem M, Sandel R, Litoiu M (2014) Towards mitigation of low and slow application DDoS attacks. In: IEEE International Conference on Cloud Engineering, pp 604–609Google Scholar
  5. 5.
    Palmieri F, Ricciardi S, Fiore U, Ficco M, Castiglione A (2015) Energy-oriented denial of service attacks: an emerging menace for large cloud infrastructures. J Supercomput 71(5):1620–1641CrossRefGoogle Scholar
  6. 6.
    Modi C, Patel D, Borisaniya B, Patel A, Rajarajan M (2013) A survey on security issues and solutions at different layers of cloud computing. J Supercomput 63(2):561–592CrossRefGoogle Scholar
  7. 7.
    Hunag CY, Chi TM, Ting CY, Chieh CY, Ren CY (2010) A novel design for future on-demand service and security. In: IEEE 12th International Conference on Communication Technology, pp 385–388Google Scholar
  8. 8.
    Ali ST, Sivaraman V, Radford A (2015) A survey of securing networks using software defined networking. IEEE Trans Reliab 64(3):1086–1097CrossRefGoogle Scholar
  9. 9.
    Hussein A, Elhajj IH, Chehab A, Kayssi A (2016) SDN security plane: an architecture for resilient security services. In: IEEE International Conference on Cloud Engineering Workshop, pp 54–59Google Scholar
  10. 10.
    Fernandez EB (2011) Security in data intensive computing systems. In: Furht B, Escalante A (eds) Handbook of data intensive computing. Springer, Berlin, pp 447–466Google Scholar
  11. 11.
  12. 12.
    Singh S, Sharma PK, Moon SY, Moon D, Park JH (2016) A comprehensive study on APT attacks and countermeasures for future networks and communications: challenges and solutions. J Supercomput.  https://doi.org/10.1007/s11227-016-1850-4
  13. 13.
    Yan Q, Yu FR, Gong Q (2016) Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: a survey, some research issues and challenges. IEEE Commun Sur Tutor 18(1):602–622CrossRefGoogle Scholar
  14. 14.
    Peng T, Leckie C, Ramamohanarao K (2007) Survey of network-based defense mechanisms countering the DoS and DDoS problems. ACM Comput Surv 39(1):1–42CrossRefGoogle Scholar
  15. 15.
    Jarraya Y, Madi T, Debbabi M (2014) A survey and a layered taxonomy of software-defined networking. IEEE Commun Surv Tutor 16(4):1955–1980CrossRefGoogle Scholar
  16. 16.
    Kobo HI, Abu-Mahfouz AM, Hancke GP (2017) A survey on software-defined wireless sensor networks: challenges and design requirements. IEEE Access 5:1872–1899CrossRefGoogle Scholar
  17. 17.
    Sahoo KS, Mohanty S, Tiwary M, Mishra BK, Sahoo B (2016) A comprehensive tutorial on software defined network: the driving force for the future internet technology. In: International Conference on Advances in Information Communication Technology and Computing. ACM, Article No. 114Google Scholar
  18. 18.
    Vaughan-Nichols SJ (2011) OpenFlow: the next generation of the network? IEEE Comput 44(8):13–15CrossRefGoogle Scholar
  19. 19.
    Wibowo FXA, Gregory MA, Ahmed K, Gomez KM (2017) Multi-domain software defined networking: research status and challenges. J Netw Comput Appl 87:32–45CrossRefGoogle Scholar
  20. 20.
    Xia W, Wen Y, Foh CH (2015) A survey on software-defined networking. IEEE Commun Surv Tutor 17(1):27–51CrossRefGoogle Scholar
  21. 21.
    Hasan SF (2014) Software-defined networking, emerging trends in communication networks. Springer, Berlin, pp 19–32Google Scholar
  22. 22.
  23. 23.
    Software Defined Networking (SDN) Configuration Guide. http://pleiades.ucsc.edu/doc/brocade/netiron-05900-sdnguide.pdf. Accessed on 10 Jan 2018
  24. 24.
    HPE 3800 Series. https://h20195.www2.hpe.com/v2/GetPDF.aspx/4AA3-7115ENW.pdf. Accessed on 10 Jan 2018
  25. 25.
    Exploring Software-Defined Networking with Brocade. https://cio.economictimes.indiatimes.com/files/cp/12/cdoc-1457526264-BRCD_ExploringSDN_WP.pdf. Accessed on 10 Jan 2018
  26. 26.
    OpenFlow 1.3 Features Supported in EXOS. https://gtacknowledge.extremenetworks.com/articles/Solution/OpenFlow-1-3-features-supported-in-EXOS. Accessed on 10 March 2018
  27. 27.
  28. 28.
  29. 29.
    Arista 7150 Series. https://www.arista.com/en/products/7150-series. Accessed on 10 April 2018
  30. 30.
    Xie J, Guo D, Hu Z, Qu T, Lv P (2015) Control plane of software defined networks: a survey. Comput Commun 67:1–10CrossRefGoogle Scholar
  31. 31.
    Wallner R, Cannistra R (2013) An SDN approach: quality of service using big switch’s floodlight open-source controller. Asia-Pacif Adv Netw 35:14–19Google Scholar
  32. 32.
    Medved J, Varga R, Tkacik A, Gray K (2014) OpenDaylight: towards a model-driven SDN controller architecture. In: IEEE international symposium on a world of wireless, mobile and multimedia networks, pp 1–6Google Scholar
  33. 33.
    Kaur S, Singh J, Ghumman NS (2014) Network programmability using POX controller. In: International Conference on Communication, Computing and Systems. IEEEGoogle Scholar
  34. 34.
    Tavakoli A, Casado M, Koponen T, Shenker S (2009) Applying NOX to the datacenter. Proc. of workshop on Hot Topics in Networks (HotNets-VIII)Google Scholar
  35. 35.
    Erickson D (2013) The Beacon OpenFlow controller. In: The second ACM SIGCOMM workshop on hot topics in software defined networking, pp 13–18Google Scholar
  36. 36.
    Build SDN Agilely. https://osrg.github.io/ryu/. Accessed on 5 May 2018
  37. 37.
    MUL. http://www.openmul.org/. Accessed on 1 May 2018
  38. 38.
    Trema: full-stack OpenFlow framework in Ruby and C. https://trema.github.io/trema/. Accessed on 1 April 2018
  39. 39.
    Nguyen TMC, Hoang DB, Chaczko Z (2016) Can SDN technology be transported to software-defined WSN/IoT? In: IEEE International Conference on Internet of Things and IEEE Green Computing and Communications and IEEE Cyber, Physical and Social Computing and IEEE Smart Data, pp 234–239Google Scholar
  40. 40.
  41. 41.
    Brocodo Network Advisor Data Sheet. http://www.dataswitchworks.com/datasheets/Network_Advisor_DS.pdf. Accessed on 19 Aug 2018
  42. 42.
    Aricent Featured White Paper: Routing Protocols and SDN. https://www.sdxcentral.com/articles/featured/routing-protocols-aricent-white-paper/2015/02/. Accessed on 11 May 2018
  43. 43.
    HPE Network Optimizer SDN Application—1.3.41 Installation Guide. https://support.hpe.com/hpsc/doc/public/display?docId=c05040243. Accessed on 8 May 2018
  44. 44.
    HPE Network Protector SDN Application Version 1.3.105 Administrator Guide. https://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-c05201088-1.pdf. Accessed on 30 April 2018
  45. 45.
  46. 46.
    HPE Network Visualizer SDN Application 1.1 Administrator Guide. https://support.hpe.com/hpsc/doc/public/display?docId=c05040369. Accessed on 30 April 2018
  47. 47.
  48. 48.
    Foster N, Harrison R, Freedman MJ, Monsanto C, Rexford J, Story A, Walker D (2011) Frenetic: a network programming language. ACM SIGPLAN Not 46(9):279–291CrossRefzbMATHGoogle Scholar
  49. 49.
    Reich J, Monsanto C, Foster N, Rexford J, Walker D (2013) Modular SDN programming with pyretic. Technical Report of USENIXGoogle Scholar
  50. 50.
    Panda S, Jana P (2016) An efficient task consolidation algorithm for cloud computing systems. In: Bjørner N, Prasad S, Parida L (eds) International Conference on Distributed Computing and Internet Technology. Springer, Berlin, pp 61–74Google Scholar
  51. 51.
    Panda S, Jana P (2015) An efficient resource allocation algorithm for IaaS cloud. In: Natarajan R, Barua G, Patra MR (eds) International Conference on Distributed Computing and Internet Technology. Springer, Berlin, pp 351–355Google Scholar
  52. 52.
    Panda S, Jana P (2015) Efficient task scheduling algorithms for heterogeneous multi-cloud environment. J Supercomput 71(4):1505–1533CrossRefGoogle Scholar
  53. 53.
    Panda S, Jana P (2017) SLA-based task scheduling algorithms for heterogeneous multi-cloud environment. J Supercomput 73(6):2730–2762CrossRefGoogle Scholar
  54. 54.
    Kumar M, Gupta I, Panda S, Jana P (2017) Granularity-based workflow scheduling algorithm for cloud computing. J Supercomput 73(12):5440–5464CrossRefGoogle Scholar
  55. 55.
    Panda S, Jana P (2018) Normalization-based task scheduling algorithms for heterogeneous multi-cloud environment. Inf Syst Front 20(2):373–399CrossRefGoogle Scholar
  56. 56.
    Panda S, Jana P (2018) An energy-efficient task scheduling algorithm for heterogeneous cloud computing systems. Cluster Comput.  https://doi.org/10.1007/s10586-018-2858-8
  57. 57.
    Hungyo M, Pandey M (2016) SDN based implementation of publish/subscribe paradigm using OpenFlow multicast. In: IEEE International Conference on Advanced Networks and Telecommunications Systems, pp 1–6Google Scholar
  58. 58.
    Voellmy A, Wang J (2012) Scalable software defined network controllers. ACM SIGCOMM Comput Commun Rev 42(4):289–290CrossRefGoogle Scholar
  59. 59.
    Metzler J, Metzler A (2013) Ten things to look for in an SDN controller. https://www.webtorials.com/content/2013/05/ten-things-to-look-for-in-an-sdn-controller.html. Accessed 15 Aug 2018
  60. 60.
    Jammal M, Singh T, Shami A, Asal R, Li Y (2014) Software defined networking: state of the art and research challenges. Comput Netw 72:74–98CrossRefGoogle Scholar
  61. 61.
    Monsanto C, Reich J, Foster N, Rexford J, Walker D (2013) Composing software defined networks. In: 10th USENIX Conference on Networked Systems Design and Implementation, pp 1–13Google Scholar
  62. 62.
    Shin S, Song Y, Lee T, Lee S, Chung J, Porras P, Yegneswaran V, Noh J, Kang BB (2014) Rosemary: a robust, secure and high-performance network operating system. In: ACM SIGSAC Conference on Computer and Communications Security, pp 78–89Google Scholar
  63. 63.
    Xie H, Tsou T, Yin H, Lopez D (2018) Use cases for ALTO with software defined networks. https://tools.ietf.org/html/draft-xie-alto-sdn-use-cases-00. Accessed on 19 Aug 2018
  64. 64.
    Akhunzada A, Gani A, Anuar NB, Abdelaziz A, Khan MK, Hayat A, Khan SU (2016) Secure and dependable software defined networks. J Netw Comput Appl 61:199–221CrossRefGoogle Scholar
  65. 65.
    Scott-Hayward S, Natarajan S, Sezer S (2016) A survey of security in software defined networks. IEEE Commun Surv Tutor 18(1):623–654CrossRefGoogle Scholar
  66. 66.
    Dayal N, Maity P, Srivastava S, Khondoker R (2017) Research trends in security and DDoS in SDN. Secur Commun Netw 9(18):6386–6411CrossRefGoogle Scholar
  67. 67.
    Sahoo K, Behera R, Sahoo B, Tiwary M (2018) Distributed denial-of-service threats and defense mechanisms in software-defined networks: a layer-wise review. In: Handbook of e-business security, pp 101–135Google Scholar
  68. 68.
    Fultz N, Grossklags J (2009) Blue versus red: towards a model of distributed security attacks. In: International Conference on Financial Cryptography and Data Security. Lecture Notes in Computer Science, vol 5628, pp 167–183Google Scholar
  69. 69.
    Greenemeier L (2007) Estonian attacks raise concern over cyber nuclear winter. Information Week. https://www.informationweek.com/estonian-attacks-raise-concern-over-cyber-nuclear-winter/d/d-id/1055474. Accessed 20 Aug 2018
  70. 70.
    Baraniuk C (2017) DDoS: website-crippling cyber-attacks to rise in 2016. https://www.bbc.co.uk/news/technology-35376327. Accessed on 15 Sept 2017
  71. 71.
    Kupreev O (2018) DDoS Attacks in Q3 2018. https://securelist.com/ddos-report-in-q3-2018/88617/. Accessed on 10 Dec 2018
  72. 72.
    Harris David L (2018) Boston Globe says it was hit by cyberattacks. https://www.bizjournals.com/boston/news/2017/11/09/boston-globe-says-its-website-was-hit-by.html. Accessed on 15 Dec 2018
  73. 73.
    Cochran J (2018) The WireX Botnet: how industry collaboration disrupted a DDoS attack. https://blog.cloudflare.com/the-wirex-botnet/. Accessed on 10 Dec 2018
  74. 74.
    Newland J (2017) Large scale DDoS attack on github.com. https://blog.github.com/2015-03-27-large-scale-ddos-attack-on-github-com/. Accessed on 1 Oct 2017
  75. 75.
    Schwartz MJ (2017) DDoS attack slams HSBC. https://www.bankinfosecurity.com/ddos-attack-slams-hsbc-a-8835. Accessed on 11 Oct 2017
  76. 76.
    Weckler A (2017) Multiple government websites down as servers under DDoS attack. https://www.independent.ie/irish-news/news/multiple-government-websites-down-as-servers-under-ddos-attack-34387566.html. Accessed on 5 Oct 2017
  77. 77.
    Kharpal A (2017) Hack attack leaves 1,400 airline passengers grounded. https://www.cnbc.com/2015/06/22/hack-attack-leaves-1400-passengers-of-polish-airline-lot-grounded.html. Accessed on 15 Oct2 017
  78. 78.
    Sullivan B (2017) Rio 2016 Olympics suffered sustained 540 Gbps DDoS attacks. https://www.silicon.co.uk/security/rio-olympics-ddos-attacks-196998?inf_by=5b79ab16671db8426b8b5246. Accessed on 1 Oct 2017
  79. 79.
    Bisson D (2017) The 5 most significant DDoS attacks of 2016. https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/5-significant-ddos-attacks-2016/. Accessed on 10 Oct 2017
  80. 80.
    Cluley G (2018) UK National Lottery knocked offline by DDoS attack. https://www.welivesecurity.com/2017/10/02/uk-national-lottery-ddos-attack/. Accessed on 10 Dec 2018
  81. 81.
    Rayome AD (2017) Hackers attempt DDoS attacks on Clinton and Trump campaign websites using Mirai Botnet. https://www.techrepublic.com/article/hackers-attempt-ddos-attacks-on-clinton-and-trump-campaign-websites-using-mirai-botnet/. Accessed on 10 Sept 2017
  82. 82.
    Kesavan A (2016) Three types of DDoS attacks. https://blog.thousandeyes.com/three-types-ddos-attacks/. Accessed 20 Sept 2018
  83. 83.
    Shekyan S (2017) Are you ready for slow reading? https://blog.qualys.com/securitylabs/2012/01/05/slow-read. Accessed on 15 Oct 2017
  84. 84.
    Shin S, Gu G (2013) Attacking software-defined networks: a first feasibility study. In: The second ACM SIGCOMM workshop on hot topics in software defined networking, pp 165–166Google Scholar
  85. 85.
    Noh J, Lee S, Park J, Shin S, Kang BB (2016) Vulnerabilities of network OS and mitigation with state-based permission system. Secur Commun Netw 9(13):1971–1982Google Scholar
  86. 86.
    Mehdi SA, Khalid J, Khayam SA (2011) Revisiting traffic anomaly detection using software defined networking. In: Sommer R, Balzarotti D, Maier G (eds) International workshop on recent advances in intrusion detection. Springer, Berlin, pp 161–180Google Scholar
  87. 87.
    Yao G, Bi J, Xiao P (2011) Source address validation solution with OpenFlow/NOX architecture. In: 19th IEEE International Conference on Network Protocols, pp 7–12Google Scholar
  88. 88.
    Shin S, Porras P, Yegneswaran V, Fong M, Gu G, Tyson M (2013) FRESCO: modular composable security services for software-defined networks. In: NDSS symposiumGoogle Scholar
  89. 89.
    Wang B, Zheng Y, Lou W, Hou YT (2015) DDoS attack protection in the era of cloud computing and software-defined networking. Comput Netw 81(C):308–319CrossRefGoogle Scholar
  90. 90.
    Jin R, Wang B (2013) Malware detection for mobile devices using software-defined networking. In: Second GENI research and educational experiment workshop. IEEE, pp 81–88Google Scholar
  91. 91.
    Handigol N, Heller B, Jeyakumar V, Mazieres D, Mckeown N (2012) Where is the debugger for my software-defined network? In: The first workshop on hot topics in software defined networks. ACM, pp 55–60Google Scholar
  92. 92.
    Braga R, Mota E, Passito A (2010) Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: IEEE Local Computer Network Conference, pp 408–415Google Scholar
  93. 93.
    Giotis K, Argyropoulos C, Androulidakis G, Kalogeras D, Maglaris V (2014) Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput Netw 62:122–136CrossRefGoogle Scholar
  94. 94.
    Phan TV, Toan TV, Tuyen DV, Huong TT, Thanh NH (2016) OpenFlowSIA: an optimized protection scheme for software-defined networks from flooding attacks. In: IEEE Sixth International Conference on Communications and Electronics, pp 13–18Google Scholar
  95. 95.
    Passito A, Mota E, Bennesby R, Fonseca P (2014) AgNOS: a framework for autonomous control of software-defined networks. In: IEEE 28th International Conference on Advanced Information Networking and Applications, pp 405–412Google Scholar
  96. 96.
    Shin S, Gu G (2012) CloudWatcher: network security monitoring using OpenFlow in dynamic cloud networks (or: how to provide security monitoring as a service in clouds?). In: 20th IEEE International Conference on Network Protocols, pp 1–6Google Scholar
  97. 97.
    Xu Y, Liu Y (2016) DDoS attack detection under SDN context. In: The 35th Annual IEEE International Conference on Computer Communications, pp 1–9Google Scholar
  98. 98.
    Fayaz SK, Tobioka Y, Sekar V, Bailey M (2015) Bohatei: flexible and elastic DDoS defense In: 24th USENIX Security Symposium, pp 817–832Google Scholar
  99. 99.
    Buragohain C, Medhi N (2016) FlowTrApp: an SDN based architecture for DDoS attack detection and mitigation in data centers. In: 3rd International Conference on Signal Processing and Integrated Networks. IEEE, pp 519–524Google Scholar
  100. 100.
    Chesla A, Doron E (2015) Techniques for traffic diversion in software defined networks for mitigating denial of service attacks, US PatentGoogle Scholar
  101. 101.
    Hong K, Kim Y, Choi H (2018) SDN-assisted slow HTTP DDoS attack defense method. IEEE Commun Lett 22(4):688–691CrossRefGoogle Scholar
  102. 102.
    Mohammadi R, Javidan R, Conti M (2017) SLICOTS: an SDN-based lightweight countermeasure for TCP SYN flooding attacks. IEEE Trans Netw Serv Manag 14(2):487–497CrossRefGoogle Scholar
  103. 103.
    DefenseFlow. https://www.radware.com/products/defenseflow/. Accessed on 25 Oct 2017
  104. 104.
    Skoda M (2017) DDoS protection in SDN based networking. https://www.flowmon.com/en/blog/ddos-protection-sdn-networking/. Accessed on 30 Oct 2017
  105. 105.
    Ravikumar VC, Mahapatra RN (2004) TCAM architecture for IP lookup using prefix properties. IEEE Micro 24(2):60–69CrossRefGoogle Scholar
  106. 106.
    Spitznagel E, Taylor D, Turner J (2003) Packet classification using extended TCAMs. In: 11th IEEE International Conference on Network Protocols, pp 120–131Google Scholar
  107. 107.
    Jin X, Liu HH, Gandhi R, Kandula S, Mahajan R, Zhang M, Rexford J, Wattenhofer R (2014) Dynamic scheduling of network updates. ACM SIGCOMM Comput Commun Rev 44(4):539–550CrossRefGoogle Scholar
  108. 108.
    Katta N, Alipourfard O, Rexford J, Walker D (2016) Cacheflow: dependency-aware rule-caching for software-defined networks. In: The symposium on SDN research. ACM, Article No. 6Google Scholar
  109. 109.
    Wang A, Guo Y, Hao F, Lakshman TV, Chen S (2014) Scotch: elastically scaling up SDN control-plane using vswitch based overlay. In: The 10th ACM International on Conference on Emerging Networking Experiments and Technologies. ACM, pp 403–414Google Scholar
  110. 110.
    Dixit A, Hao F, Mukherjee S, Lakshman TV, Kompella R (2013) Towards an elastic distributed SDN controller. ACM SIGCOMM Comput Commun Rev 43(4):7–12CrossRefGoogle Scholar
  111. 111.
    Caba C, Soler J (2015) Mitigating SDN controller performance bottlenecks. In: 24th International Conference on Computer Communication and Networks. IEEE, pp 1–6Google Scholar
  112. 112.
    Dhawan M, Poddar R, Mahajan K, Mann V (2015) SPHINX: detecting security attacks in software-defined networks. NDSS: The Internet SocietyGoogle Scholar
  113. 113.
    Wen X, Chen Y, Hu C, Shi C, Wang Y (2013) Towards a secure controller platform for OpenFlow applications. In: The second ACM SIGCOMM workshop on hot topics in software defined networking, pp 171–172Google Scholar
  114. 114.
    Kreutz D, Ramos FMV, Verissimo P (2013) Towards secure and dependable software-defined networks. In: Second ACM SIGCOMM workshop on hot topics in software defined networking, pp 55–60Google Scholar
  115. 115.
    Shin S, Yegneswaran V, Porras P, Gu G (2013) AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks. In: ACM SIGSAC Conference on Computer and Communications Security, pp 413–424Google Scholar
  116. 116.
    Wei L, Fung C (2015) FlowRanger: a request prioritizing algorithm for controller DoS attacks in software defined networks. In: IEEE International Conference on Communications, pp 5254–5259Google Scholar
  117. 117.
    Wang H, Xu L, Gu G (2015) FloodGuard: a DoS attack prevention extension in software-defined networks. In: 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp 239–250Google Scholar
  118. 118.
    Dridi L, Zhani MF (2016) SDN-guard: DoS attacks mitigation in SDN networks. In: 5th IEEE International Conference on Cloud Networking, pp 212–217Google Scholar
  119. 119.
    Zhang P, Wang H, Hu C, Lin C (2016) On denial of service attacks in software defined networks. IEEE Netw 30(6):28–33CrossRefGoogle Scholar
  120. 120.
    Shang G, Zhe P, Bin X, Aiqun H, Kui R (2017) FloodDefender: protecting data and control plane resources under SDN-aimed DoS attacks. In: IEEE Conference on Computer Communications, pp 1–9Google Scholar
  121. 121.
    Dao N, Park J, Park M (2015) A feasible method to combat against DDoS attack in SDN network. In: International Conference on Information Networking. IEEE, pp 309–311Google Scholar
  122. 122.
    Dong P, Du X, Zhang H, Xu T (2016) A detection method for a novel DDoS attack against SDN controllers by vast new low-traffic flows. In: IEEE International Conference on Communications, pp 1–6Google Scholar
  123. 123.
    Mousavi SM, St-Hilaire M (2015) Early detection of DDoS attacks against SDN controllers. In: International Conference on Computing, Networking and Communications. IEEE, pp 77–81Google Scholar
  124. 124.
    Kloti R, Kotronis V, Smith P (2013) OpenFlow: a security analysis. In: 21st IEEE International Conference on Network Protocols, pp 1–6Google Scholar
  125. 125.
    Zhang Y (2013) An adaptive flow counting method for anomaly detection in SDN. In: The Ninth ACM Conference on Emerging Networking Experiments and Technologies, pp 25–30Google Scholar
  126. 126.
    Shahreza SS, Ganjali Y (2013) Efficient implementation of security applications in OpenFlow controller with FleXam. In: IEEE 21st annual symposium on high-performance interconnects, pp 49–54Google Scholar
  127. 127.
    Hu H, Han W, Ahn G, Zhao Z (2014) FLOWGUARD: building robust firewalls for software-defined networks. In: The third workshop on hot topics in software defined networking. ACM, pp 97–102Google Scholar
  128. 128.
    Lara A, Ramamurthy B (2014) OpenSec: a framework for implementing security policies using OpenFlow. In: IEEE Global Communications Conference, pp 781–786Google Scholar
  129. 129.
    Berde P, Gerola M, Hart J, Higuchi Y, Kobayashi M, Koide T, Lantz B, O’Connor B, Radoslavov P, Snow W, Parulkar G (2014) ONOS: towards an open, distributed SDN OS. In: The third workshop on hot topics in software defined networking. ACM, pp 1–6Google Scholar
  130. 130.
    Chen K, Junuthula AR, Siddhrau IK, Xu Y, Chao HJ (2016) SDNShield: towards more comprehensive defense against DDoS attacks on SDN control plane. In: IEEE Conference on Communications and Network Security, pp 28–36Google Scholar
  131. 131.
    Porras P, Shin S, Yegneswaran V, Fong M, Tyson M, Gu G (2012) A security enforcement kernel for OpenFlow networks. In: The first workshop on hot topics in software defined networks. ACM, pp 121–126Google Scholar
  132. 132.
    Lim S, Ha J, Kim H, Kim Y, Yang S (2014) A SDN-oriented DDoS blocking scheme for botnet-based attacks. In: Sixth International Conference on Ubiquitous and Future Networks. IEEE, pp 63–68Google Scholar
  133. 133.
    Zaalouk A, Khondoker R, Marx R, Bayarou K (2014) OrchSec: an orchestrator-based architecture for enhancing network-security using network monitoring and SDN control functions. In: IEEE network operations and management symposium, pp 1–9Google Scholar
  134. 134.
    Liyanage M, Ylianttila M, Gurtov A (2014) Securing the control channel of software-defined mobile networks. In: IEEE international symposium on a world of wireless, mobile and multimedia networks. IEEE, pp 1–6Google Scholar
  135. 135.
    Bhuyan MH, Kashyap HJ, Bhattacharyya DK, Kalita JK (2014) Detecting distributed denial of service attacks: methods, tools and future directions. Comput J 57(4):537–556CrossRefGoogle Scholar
  136. 136.
    Oshima S, Nakashima T, Sueyoshi T (2010) Early DoS/DDoS detection method using short-term statistics. In: International Conference on Complex, Intelligent and Software Intensive Systems. IEEE, pp 168–173Google Scholar
  137. 137.
    Nychis G, Sekar V, Andersen DG, Kim H, Zhang H (2008) An empirical evaluation of entropy-based traffic anomaly detection. In: The 8th ACM SIGCOMM Conference on Internet Measurement, pp 151–156Google Scholar
  138. 138.
    Gu Y, McCallum A, Towsley D (2005) Detecting anomalies in network traffic using maximum entropy estimation. In: The 5th ACM SIGCOMM Conference on Internet Measurement, pp 32–37Google Scholar
  139. 139.
    Wang R, Jia Z, Ju L (2015) An entropy-based distributed DDoS detection mechanism in software-defined networking. In: IEEE Trustcom/BigDataSE/ISPA, pp 310–317Google Scholar
  140. 140.
    Sahoo KS, Tiwary M, Sahoo B (2018) Detection of high rate DDoS attack from flash events using information metrics in software defined networks. In: 10th International Conference on Communication Systems and Networks. IEEE, pp 421–424Google Scholar
  141. 141.
    Gelenbe E, Loukas G (2007) A self-aware approach to denial of service defence. Comput Netw 51(5):1299–1314CrossRefzbMATHGoogle Scholar
  142. 142.
    Wu Y, Tseng H, Yang W, Jan R (2011) DDoS detection and traceback with decision tree and grey relational analysis. Int J Ad Hoc Ubiquitous Comput 7(2):121–136CrossRefGoogle Scholar
  143. 143.
    Dotcenko S, Vladyko A, Letenko I (2014) A fuzzy logic-based information security management for software-defined networks. In: 16th International Conference on Advanced Communication Technology. IEEE, pp 167–171Google Scholar
  144. 144.
    Kokila RT, Selvi ST, Govindarajan K (2014) DDoS detection and analysis in SDN-based environment using support vector machine classifier. In: Sixth International Conference on Advanced Computing. IEEE, pp 205–210Google Scholar
  145. 145.
    Li J, Zhao Z, Li R (2018) Machine learning-based IDS for software-defined 5G network. IET Netw 7(2):53–60CrossRefGoogle Scholar
  146. 146.
    Kalkan K, Gur G, Alagoz F (2017) Defense mechanisms against DDoS attacks in SDN environment. IEEE Commun Mag 55(9):175–179CrossRefGoogle Scholar
  147. 147.
    Hsu S, Chen T, Chang Y, Chen S, Chao H, Lin T, Shih W (2015) Design a hash-based control mechanism in vSwitch for software-defined networking environment. In: IEEE International Conference on Cluster Computing, pp 498–499Google Scholar
  148. 148.
    Lim S, Yang S, Kim Y, Yang S, Kim H (2015) Controller scheduling for continued SDN operation under DDoS attacks. Electron Lett 51(16):1259–1261CrossRefGoogle Scholar
  149. 149.
    Yan Q, Gong Q, Yu FR (2017) Effective software-defined networking controller scheduling method to mitigate DDoS attacks. IET Electron Lett 53(7):469–471CrossRefGoogle Scholar
  150. 150.
    Chin T, Mountrouidou X, Li X, Xiong K (2015) Selective packet inspection to detect DoS flooding using software defined networking (SDN). In: IEEE 35th International Conference on Distributed Computing Systems Workshops, pp 95–99Google Scholar
  151. 151.
    Xing T, Huang D, Xu L, Chung C, Khatkar P (2013) SnortFlow: a OpenFlow-based intrusion prevention system in cloud environment. In: Second GENI research and educational experiment workshop, pp 89–92Google Scholar
  152. 152.
    Chung C, Khatkar P, Xing T, Lee J, Huang D (2013) NICE: network intrusion detection and countermeasure selection in virtual network systems. IEEE Trans Dependable Secure Comput 10(4):198–211CrossRefGoogle Scholar
  153. 153.
    Ye J, Cheng X, Zhu J, Feng L, Song L (2018) A DDoS attack detection method based on SVM in software defined network. In: Security and communication networks, Hindawi, pp 1–8Google Scholar
  154. 154.
    Bhandari A, Sangal AL, Kumar K (2016) Characterizing flash events and distributed denial-of-service attacks: an empirical investigation. Secur Commun Netw 9(13):2222–2239Google Scholar
  155. 155.
    Yu S, Thapngam T, Liu J (2009) Discriminating DDoS flows from flash crowds using information distance. In: Third International Conference on Network and System Security. IEEE, pp 351–356Google Scholar
  156. 156.
    Behal S, Kumar K (2017) Detection of DDoS attacks and flash events using novel information theory metrics. Comput Netw 116:96–110CrossRefGoogle Scholar
  157. 157.
    Thapngam T, Yu S, Zhou W (2011) Discriminating DDoS attack traffic from flash crowd through packet arrival patterns. In: IEEE Conference on Computer Communications Workshops, pp 952–957Google Scholar
  158. 158.
    Moshref M, Yu M, Govindan R (2013) Resource/accuracy tradeoffs in software-defined measurement. In: The second ACM SIGCOMM workshop on hot topics in software defined networking, pp 73–78Google Scholar
  159. 159.
    Xiang Y, Li K, Zhou W (2013) Low-rate DDoS attacks detection and traceback by using new information metrics. IEEE Trans Inf Forensics Secur 6(2):426–437, 2011. Topics in Software Defined Networking. ACM, pp 73–78Google Scholar
  160. 160.
    Xu D, Erdogmuns D (2010) Renyis entropy, divergence and their nonparametric estimators. In: Principe JC (ed) Information theoretic learning. Springer, Berlin, pp 47–102Google Scholar
  161. 161.
    Keti F, Askar S (2015) Emulation of software defined networks using mininet in different simulation environments. In: 6th International Conference on Intelligent Systems, Modelling and Simulation. IEEE, pp 205–210Google Scholar
  162. 162.
    Prete LR, Shinoda AA, Schweitzer CM, Oliveira RLSD (2014) Simulation in an SDN network scenario using the POX controller. In: IEEE Colombian Conference on Communications and Computing, pp 1–6Google Scholar
  163. 163.
    Niyaz Q, Sun W, Javaid AY (2017) A deep learning based DDoS detection system in software-defined networking. ICST Trans Secur Saf 4(12):1–12CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringNational Institute of Technology RourkelaRourkelaIndia
  2. 2.Department of Information TechnologyVeer Surendra Sai University of TechnologyBurlaIndia

Personalised recommendations