Investigation of application layer DDoS attacks in legacy and software-defined networks: A comprehensive review

  • Regular Contribution
  • International Journal of Information Security

Abstract

The rapid growth of network technologies necessitates the evolution and reconfiguration of network policies. The rigid nature of legacy networks is a concern for service providers, and this concern has led to the popularity and wide acceptance of an emerging network architecture, software-defined networking (SDN). The legacy networking approach is vendor-specific with respect to the devices that must be configured, which is restrictive and cumbersome. SDN overcomes this dependency by providing centralized control and programmability. However, the SDN architecture itself faces various security issues. Among these security threats, the distributed denial of service (DDoS) attack plays a critical part in damaging an organization's standing, and it is becoming more common as the number of web users increases staggeringly. In this paper, we present a comprehensive review of articles on the detection of application layer DDoS (AL-DDoS) attacks in legacy and SDN approaches. The paper covers DDoS attacks in legacy networks and SDN, and the research protocol used to find related high-quality research articles. We reviewed 124 related articles to select the most relevant studies. We also present an AL-DDoS attack taxonomy and a classification of the articles based on network approach, testing environment, and datasets. Finally, we identify the limitations of the techniques proposed in the literature related to our survey topic, along with research gaps for the future reference of researchers.

Data availability

Not applicable.

Code availability

Not applicable.

Author information

Contributions

All authors of this research paper have directly participated in the planning, study selection, quality assessment, and review process in this study. All authors of this paper have read and approved the final version submitted. The research work was conducted under the supervision of: Dr. Amanpreet Kaur Sandhu, Associate Professor, University Institute of Computing, Chandigarh University, Gharuan, and Dr. Abhinav Bhandari, Assistant Professor, Department of Computer Engineering, Punjabi University, Patiala.

Corresponding author

Correspondence to Sarabjeet Kaur.

Ethics declarations

Conflict of interest

Sarabjeet Kaur, Amanpreet Kaur Sandhu, Abhinav Bhandari declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

About this article

Cite this article

Kaur, S., Sandhu, A.K. & Bhandari, A. Investigation of application layer DDoS attacks in legacy and software-defined networks: A comprehensive review. Int. J. Inf. Secur. 22, 1949–1988 (2023). https://doi.org/10.1007/s10207-023-00728-5

  • DOI: https://doi.org/10.1007/s10207-023-00728-5
