Abstract
Rapid growth of network technologies necessitates the evolution and reconfiguration of network policies. The rigid nature of legacy networks is a concern for service providers. This concern leads to the popularity, and wide acceptance of emerging network architecture software-defined networking (SDN). The legacy networking approach is vendor-specific, in the case of the devices required for configuration, which is quite restrictive and cumbersome. SDN has overcome this dependency or limitation by providing the capability of centralized control and programmability. However, the architecture of SDN itself faces various security issues. Among the security threats, distributed denial of service (DDoS) attack in the network is crucially indulged in shuttering the virtue of the organization. It is, however, getting popular as the number of users over the web is increasing staggeringly. In this paper, we have presented a comprehensive review of the articles related to the detection of the AL-DDoS (application layer DDoS) attacks in legacy and SDN approaches. The paper will cover DDoS attacks in legacy networks and SDN and the research protocols used to find related high-quality research articles. We have reviewed 124 related articles to select the most relevant studies. We also present the AL-DDoS attack taxonomy, articles classification based on network approach, testing environment, and datasets. Finally, we have marked the limitations of various proposed techniques in the literature related to our survey topic along with the research gaps for the future reference of researchers.
Similar content being viewed by others
Data availability
Not applicable.
Code availability
Not applicable.
References
Singh, K., Singh, P., Kumar, K.: Application layer HTTP-GET flood DDoS attacks: research landscape and challenges. Comput. Secur. 65, 344–372 (2017). https://doi.org/10.1016/j.cose.2016.10.005
Ubale, T., Jain, A.K.: Survey on DDoS attack techniques and solutions in software-defined network. In: Gupta, B., Perez, G., Agrawal, D., Gupta, D. (eds.) Handbook of Computer Networks and Cyber Security. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-22277-2_15
Gadze, J.D., Acheampomaa Bamfo-Asante, A., Agyemang, O., Nunoo-Mensah, H., Adu-Boahen, K., Citation, O., Gadze, Bamfo-Asante, J.D. , Agyemang, A.A. , Nunoo-Mensah, J.O. , Opare, H., An, B.: An investigation into the application of deep learning in the detection and mitigation of DDOS attack on SDN controllers investigation into the application of deep learning in the detection and mitigation of DDOS attack on SDN. https://doi.org/10.3390/technologies (2021)
Tonkal, Ö., Polat, H., Başaran, E., Cömert, Z., Kocaoğlu, R.: Machine learning approach equipped with neighborhood component analysis for DDoS attack detection in software-defined networking. Electronics (Switzerland) (2021). https://doi.org/10.3390/electronics10111227
Kaur, S., Kumar, K., Aggarwal, N., Singh, G.: A comprehensive survey of DDoS defense solutions in SDN: taxonomy, research challenges, and future directions. In: Computers and Security (Vol. 110). Elsevier Ltd. https://doi.org/10.1016/j.cose.2021.102423 (2021)
Myint Oo, M., Kamolphiwong, S., Kamolphiwong, T., Vasupongayya, S.: Advanced support vector machine-(ASVM-) based detection for distributed denial of service (DDoS) attack on software defined networking (SDN). J. Comput. Netw. Commun. (2019). https://doi.org/10.1155/2019/8012568
Mishra, A., Gupta, N., Gupta, B.B.: Defense mechanisms against DDoS attack based on entropy in SDN-cloud using POX controller. Telecommun. Syst. 77(1), 47–62 (2021). https://doi.org/10.1007/s11235-020-00747-w
Virupakshar, K.B., Asundi, M., Channal, K., Shettar, P., Patil, S., Narayan, D.G.: Distributed denial of service (DDoS) attacks detection system for OpenStack-based private cloud. Procedia Comput. Sci. 167, 2297–2307 (2020). https://doi.org/10.1016/j.procs.2020.03.282
Yungaicela-Naula, N.M., Vargas-Rosales, C., Perez-Diaz, J.A.: SDN-based architecture for transport and AL-DDoS attack detection by using machine and deep learning. IEEE Access 9, 108495–108512 (2021). https://doi.org/10.1109/ACCESS.2021.3101650
Behal, S., Kumar, K., Sachdeva, M.: Characterizing DDoS attacks and flash events: Review, research gaps and future directions. Comput. Sci. Rev. 25, 101–114 (2017). https://doi.org/10.1016/j.cosrev.2017.07.003
Odusami, M., Misra, S., Abayomi-Alli, O., Abayomi-Alli, A., Fernandez-Sanz, L.: A survey and meta-analysis of application-layer distributed denial-of-service attack. Int. J. Commun. Syst. 33, 1–24 (2020). https://doi.org/10.1002/dac.4603
Bhandari, A., Sangal, A.L., Kumar, K.: Characterizing flash events and distributed denial-of-service attacks: an empirical investigation. Secur. Commun. Netw. (2016). https://doi.org/10.1002/sec.1472
Xu, Y., Cui, C., Xu, T., Li, Y.: Research on detection method of abnormal traffic in SDN, Lecture Notes Computer Science (Including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics). 11632 LNCS (2019), pp. 248–259. https://doi.org/10.1007/978-3-030-24274-9_22
Benzaid, C., Boukhalfa, M., Taleb, T.: Robust self-protection against application-layer (D)DoS attacks in SDN environment. In: IEEE wireless communication network conference WCNC. 2020-May (2020). https://doi.org/10.1109/WCNC45663.2020.9120472
Nugraha, B., Murthy, R.N.: Deep learning-based slow DDoS attack detection in SDN-based networks. In: 2020 IEEE conference on network function virtualization and software defined networks, NFV-SDN 2020—proceedings, pp. 51–56. https://doi.org/10.1109/NFV-SDN50289.2020.9289894 (2020)
Akanji, O.S., Abisoye, O.A., Iliyasu, M.A.: Mitigating slow hypertext transfer protocol distributed denial of service attacks in software defined networks. J. Inf. Commun. Technol. 20(3), 277–304 (2021). https://doi.org/10.32890/JICT2021.20.3.1
Cui, Y., Yan, L., Li, S., Xing, H., Pan, W., Zhu, J., Zheng, X.: SD-Anti-DDoS: fast and efficient DDoS defense in software-defined networks. J. Netw. Comput. Appl. 68, 65–79 (2016). https://doi.org/10.1016/j.jnca.2016.04.005
Singh, M.P., Bhandari, A.: New-flow based DDoS attacks in SDN: taxonomy, rationales, and research challenges. Comput. Commun. 154, 509–527 (2020). https://doi.org/10.1016/j.comcom.2020.02.085
Kaur, A., Bhandari, A., Kaur, S.: Current state of art and key rationales of application layer distributed denial of service attacks in software defined networking. Int. J. Sci. Technol. Res. 9, 6628 (2020)
Casado, M., Garfinkel, T., Akella, A., Freedman, M.J., Boneh, D., McKeown, N., Shenker, S.: SANE: a protection architecture for enterprise networks. In: 15th USENIX Security. Symposium, pp. 137–151 (2006)
Casado, M., Freedman, M., Pettit, J., Luo, J., McKeown, N., Shenker, S.: ETHANE: taking control of the enterprise. Comput. Commun. Rev. CCR 37, 1–12 (2007). https://doi.org/10.1145/1282380.1282382
Khalaf, B.A., Mostafa, S.A., Mustapha, A., Mohammed, M.A., Abduallah, W.M.: Comprehensive review of artificial intelligence and statistical approaches in distributed denial of service attack and defense methods. IEEE Access 2019(7), 51691–51713 (2019). https://doi.org/10.1109/ACCESS.2019.2908998
Fachkha, C., Bou-Harb, E., Debbabi, M.: Towards a forecasting model for distributed denial of service activities. In: Proceedings of the IEEE 12th International Symposium on Networking Computer Application NCA 2013, pp. 110–117. https://doi.org/10.1109/NCA.2013.13 (2013)
Kaur Chahal, J., Bhandari, A., Behal, S.: Distributed denial of service attacks: a threat or challenge. New Rev. Inf. Netw. 24, 31–103 (2019). https://doi.org/10.1080/13614576.2019.1611468
Arun Raj Kumar, P., Selvakumar, S.: Detection of distributed denial of service attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems. Comput. Commun. 36, 303–319 (2013). https://doi.org/10.1016/j.comcom.2012.09.010
Xiao, P., Qu, W., Qi, H., Li, Z.: Detecting DDoS attacks against data center with correlation analysis. Comput. Commun. 67, 66–74 (2015). https://doi.org/10.1016/j.comcom.2015.06.012
Singh, B., Kumar, K., Bhandari, A.: Simulation study of AL-DDoS attack. In: Proceedings of the 2015 International Conference on Green Computing Internet Things, ICGCIoT 2015, pp. 893–898. https://doi.org/10.1109/ICGCIoT.2015.7380589 (2016)
Elsayed, M.S., Le-Khac, N.A., Dev, S., Jurcut, A.D.: DDoSNet: a deep-learning model for detecting network attacks. In: Proceedings of the 21st IEEE International Symposium on A World Wireless, Mobile Multimedia. Networks, WoWMoM 2020, pp. 391–396. https://doi.org/10.1109/WoWMoM49955.2020.00072 (2020)
Lee, S.M., Kim, D.S., Lee, J.H., Park, J.S.: Detection of DDoS attacks using optimized traffic matrix. Comput. Math. with Appl. 63, 501–510 (2012). https://doi.org/10.1016/j.camwa.2011.08.020
Indraneel, S., Praveenkumarvuppala, V.: HTTP flood attack detection in application layer using machine learning metrics and bio-inspired bat algorithm. Appl. Comput. Inf. (2017). https://doi.org/10.1016/j.aci.2017.10.003
Lopez, A.D.: Network traffic behavioral analytics for detection of DDoS attacks. SMU Data Sci. Rev. 2, 1–24 (2019)
Chen, Y., Ma, X., Wu, X.: DDoS detection algorithm based on preprocessing network traffic predicted method and chaos theory. IEEE Commun. Lett. 17, 1052–1054 (2013). https://doi.org/10.1109/LCOMM.2013.031913.130066
Xia, K.L.: Modeling and simulation of low rate of denial-of-service attacks. Appl. Mech. Mater. 484–485, 1063–1066 (2014). https://doi.org/10.4028/www.scientific.net/AMM.484-485.1063
Bhuyan, M.H., Bhattacharyya, D.K., Kalita, J.K.: An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection. Pattern Recogn. Lett. 51, 1–7 (2015). https://doi.org/10.1016/j.patrec.2014.07.019
Olabelurin, A., Veluru, S., Healing, A., Rajarajan, M.: Entropy clustering approach for improving forecasting in DDoS attacks. In: ICNSC 2015—2015 IEEE 12th International Conference on Networking Sensor Control, pp. 315–320. https://doi.org/10.1109/ICNSC.2015.7116055 (2015)
Jazi, H.H., Gonzalez, H., Stakhanova, N., Ghorbani, A.A.: Detecting HTTP-based application layer DoS attacks on web servers in the presence of sampling, Computer. Networks 121, 25–36 (2017). https://doi.org/10.1016/j.comnet.2017.03.018
Liu, X.M., Cheng, G., Zhang, M., Luo, S.S.: On a novel pattern of distributed low-rate denial of service attacks. J. China Univ. Posts Telecommun. 18(12), 113–118 (2011)
Kalkan, K., Gur, G., Alagoz, F.: Defense mechanisms against DDoS attacks in SDN environment. IEEE Commun. Mag. (2017). https://doi.org/10.1109/MCOM.2017.1600970
Kalkan, K., Alagöz, F.: A distributed filtering mechanism against DDoS attacks: score for core. Comput. Netw. 108, 199–209 (2016). https://doi.org/10.1016/j.comnet.2016.08.023
Bravo, S., Mauricio, D.: Distributed denial of service attack detection in application layer based on user behavior. Webology 15, 38–53 (2018)
Xiao, Y., Jie Fan, Z., Nayak, A., Xiang Tan, C.: Discovery method for distributed denial-of-service attack behavior in SDNs using a feature-pattern graph model. Front. Inf. Technol. Electron. Eng. 20, 1195–1208 (2019). https://doi.org/10.1631/FITEE.1800436
Xylogiannopoulos, K., Karampelas, P. Alhajj, R.: Early DDoS detection based on data mining techniques. In: Information Security Theory and Practice. Securing the Internet of Things, pp. 190–199. Springer, Berlin, Heidelberg (2014)
Zhang, C., Cai, Z., Chen, W., Luo, X., Yin, J.: Flow level detection and filtering of low-rate DDoS. Comput. Netw. 56, 3417–3431 (2012). https://doi.org/10.1016/j.comnet.2012.07.003
Zargar, S.T., Joshi, J., Tipper, D.: A survey of defense mechanisms against distributed denial of service (DDOS) flooding attacks. IEEE Commun. Surv. Tutor. 15, 2046–2069 (2013). https://doi.org/10.1109/SURV.2013.031413.00127
Hong, K., Kim, Y., Choi, H., Park, J.: SDN-assisted slow HTTP DDoS attack defense method. IEEE Commun. Lett. 22, 688–691 (2018). https://doi.org/10.1109/LCOMM.2017.2766636
Lin, Y.H., Kuo, J.J., Yang, D.N., Chen, W.T.: A cost-effective shuffling-based defense against HTTP DDoS attacks with SDN/NFV. IEEE Int. Conf. Commun. (2017). https://doi.org/10.1109/ICC.2017.7997190
Rebecchi, F., Boite, J., Nardin, P.A., Bouet, M., Conan, V.: DDoS protection with stateful software-defined networking. Int. J. Netw. Manag. 29, 1–19 (2019). https://doi.org/10.1002/nem.2042
Hoque, N., Kashyap, H., Bhattacharyya, D.K.: Real-time DDoS attack detection using FPGA. Comput. Commun. 110, 48–58 (2017). https://doi.org/10.1016/j.comcom.2017.05.015
Xiao, P., Li, Z., Qi, H., Qu, W., Yu, H.: An efficient DDoS detection with bloom filter in SDN In: Proceedings of the 15th IEEE International Conference on Trust Security and Privacy in Computer Communication. 10th IEEE International Conference on Big Data Science and Engineering 14th IEEE International Symposium on Parallel Distribution. Proceeding, pp. 1–6 (2016). https://doi.org/10.1109/TrustCom.2016.0038
Dayal, N., Maity, P., Srivastava, S., Khondoker, R.: Research trends in security and DDoS in SDN, security. Commun. Netw. 9, 6386–6411 (2016). https://doi.org/10.1002/sec.1759
Shakil, M., Fuad Yousif Mohammed, A., Arul, R., Bashir, A.K., Choi, J.K.: A novel dynamic framework to detect DDoS in SDN using metaheuristic clustering. Trans. Emerg. Telecommun. Technol. 123, 1–18 (2019). https://doi.org/10.1002/ett.3622
Sahoo, K.S., Panda, S.K., Sahoo, S., Sahoo, B., Dash, R.: Toward secure software-defined networks against distributed denial of service attack, Springer US, 2019. https://doi.org/10.1007/s11227-019-02767-z
Jose, A., Nair, L.R., Paul, V.: Mitigation of distributed denial of service (DDoS) attacks over software defined networks (SDN) using machine learning and deep learning techniques (2019)
Aladaileh, M.A., Anbar, M., Hasbullah, I.H., Chong, Y.W., Sanjalawe, Y.K.: Detection techniques of distributed denial of service attacks on software-defined networking controller—a review. IEEE Access. 8, 143985–143995 (2020). https://doi.org/10.1109/ACCESS.2020.3013998
Ali, S., Alvi, M.K., Faizullah, S., Khan, M.A., Alshanqiti, A., Khan, I.: Detecting DDoS attack on SDN due to vulnerabilities in OpenFlow. In: 2019 International Conference on Advance Emerging and Computing Technologies. AECT 2019. https://doi.org/10.1109/AECT47998.2020.9194211 (2020)
Singh, J., Behal, S.: Detection and mitigation of DDoS attacks in SDN: a comprehensive review, research challenges, and future directions. Computer. Sci. Rev. 37, 100279 (2020). https://doi.org/10.1016/j.cosrev.2020.100279
Hendrawan, H., Sukarno, P., Nugroho, M.A.: Quality of service (QoS) comparison analysis of snort IDS and Bro IDS application in software define network (SDN) architecture. In: 2019 7th Interenational Conference on Information Communication Technology ICoICT 2019, pp. 1–7. https://doi.org/10.1109/ICoICT.2019.8835211 (2019)
Yadav, S., Subramanian, S.: Detection of AL-DDoS attack by feature learning using stacked AutoEncoder. In: 2016 International Conference on Computational. Technical Information Communication Technology ICCTICT 2016—proceedings, pp. 361–366. https://doi.org/10.1109/ICCTICT.2016.7514608 (2016)
Singh, K.J., De, T.: MLP-GA based algorithm to detect AL-DDoS attack. J. Inf. Secur. Appl. 36, 145–153 (2017). https://doi.org/10.1016/j.jisa.2017.09.004
Mohanapriya, P., Shalinie, S.M.: Restricted Boltzmann machine based detection system for DDoS attack in software defined networks. In: 2017 4th International Conference Signal Processing Communication Networking, ICSCN 2017, pp. 14–19. https://doi.org/10.1109/ICSCN.2017.8085731 (2017)
Niyaz, Q., Sun, W., Javaid, A.Y.: A deep learning based DDoS detection system in software-defined networking (SDN). ICST Trans. Security. Saf. 4, 153515 (2017). https://doi.org/10.4108/eai.28-12-2017.153515
Wang, M., Lu, Y., Qin, J.: A dynamic MLP-based DDoS attack detection method using feature selection and feedback. Comput. Secur. 88, 2345 (2020). https://doi.org/10.1016/j.cose.2019.101645
Santos, R., Souza, D., Santo, W., Ribeiro, A., Moreno, E.: Machine learning algorithms to detect DDoS attacks in SDN. Concurr. Comput. Pract. Exp. 32, 1–14 (2020). https://doi.org/10.1002/cpe.5402
De Lima Filho, F.S., Silveira, F.A.F., De Medeiros Brito, A., Junior, G., Vargas-Solar, L.F.S.: Smart detection: an online approach for DoS/DDoS attack detection using machine learning. Secur. Commun. Netw. (2019). https://doi.org/10.1155/2019/1574749
Janat, M., Sudha, N.: A survey on security threats and solutions for sdn using machine learning approach. Int. J. Emerg. Technol. Innov. Eng. 5, 596–602 (2019)
Zhou, W., Jia, W., Wen, S., Xiang, Y., Zhou, W.: Detection and defense of application-layer DDoS attacks in backbone web traffic. Future General Comput. Syst. 38, 36–46 (2014). https://doi.org/10.1016/j.future.2013.08.002
Jaafar, G.A., Abdullah, S.M., Ismail, S.: Review of recent detection methods for HTTP DDoS attack. J. Comput. Netw. Commun. (2019). https://doi.org/10.1155/2019/1283472
Singh, K., Singh, P., Kumar, K.: User behavior analytics-based classification of application layer HTTP-GET flood attacks. J. Netw. Comput. Appl. 112, 97–114 (2018). https://doi.org/10.1016/j.jnca.2018.03.030
Singh, B., Kumar, K., Bhandari, A.: Simulation study of AL-DDoS attack. In: Proceedings of the 2015 international conference on green computing. Internet things, ICGCIoT 2015, pp. 893–898. https://doi.org/10.1109/ICGCIoT.2015.7380589 (2016)
Najafabadi, M.M., Khoshgoftaar, T.M., Calvert, C., Kemp, C.: User behavior anomaly detection for AL-DDoS attacks. In: Proceedings of the 2017 IEEE International Conference on Information and Reuse Integration. IRI 2017. 2017-Janua, pp. 154–161. https://doi.org/10.1109/IRI.2017.44 (2017)
Xu, B., Mou, K.: Institute of Electrical and Electronics Engineers. Beijing Section, and Institute of Electrical and Electronics Engineers. (n.d.). Proceedings of 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC 2020) : June 12–14, 2020, Chongqing, China
Ahuja, N., Singal, G., Mukhopadhyay, D.: DLSDN: deep learning for DDOS attack detection in software defined networking. In: Proceedings of the Confluence 2021: 11th International Conference on Cloud Computing, Data Science and Engineering, pp. 683–688. https://doi.org/10.1109/Confluence51648.2021.9376879 (2021)
Gupta, S., Grover, D.: A Comprehensive review on detection of DDoS attacks using ML in SDN environment. Proc. Int. Conf. Artif. Intell.Smart Syst. ICAIS 2021, 1158–1163 (2021). https://doi.org/10.1109/ICAIS50930.2021.9395987
Banerjee, S., Chakraborty, P.S.: To detect the distributed denial-of-service attacks in SDN using machine learning algorithms. In: Proceedings—IEEE 2021 International Conference on Computing, Communication, and Intelligent Systems, ICCCIS 2021, pp. 966–971. https://doi.org/10.1109/ICCCIS51004.2021.9397068 (2021)
Vishal, & Vasudha. (n.d.). International Conference on Innovative Computing and Communication DOS/DDOS Attack Detection using Machine Learning: A Review. https://ssrn.com/abstract=3833289
Gaur, K., Choudhary, P., Yadav, P., Jain, A., Kumar, P.: Software defined networking: a review on architecture, security and applications. IOP Conf. Ser. Mater. Sci. Eng. 1099(1), 012073 (2021). https://doi.org/10.1088/1757-899x/1099/1/012073
Saravanan, R., Shanmuganathan, S., Palanichamy, Y.: Behavior-based detection of application layer distributed denial of service attacks during ash events. Turk. J. Electrical. Eng. Comput. Sci. 24, 510–523 (2016). https://doi.org/10.3906/elk-1308-188
Behal, S., Kumar, K.: Detection of DDoS attacks and flash events using novel information theory metrics, Computer. Networks 116, 96–110 (2017). https://doi.org/10.1016/j.comnet.2017.02.015
Sachdeva, M., Kumar, K., Singh, G.: A comprehensive approach to discriminate DDoS attacks from flash events. J. Inf. Secur. Appl. 26, 8–22 (2016). https://doi.org/10.1016/j.jisa.2015.11.001
Aburada, K., Arikawa, Y., Usuzaki, S., Yamaba, H., Katayama, T., Park, M., Okazaki, N.: Use of access characteristics to distinguish legitimate user traffic from DDoS attack traffic. Artif. Life Robot. 24, 318–323 (2019). https://doi.org/10.1007/s10015-019-00527-z
Daneshgadeh, S., Kemmerich, T., Ahmed, T., Baykal, N.: An empirical investigation of DDoS and flash event detection using shannon entropy, KOAD and SVM combined. In: 2019 International Conference on Computer Network. Communications. ICNC 2019, pp. 658–662. https://doi.org/10.1109/ICCNC.2019.8685632 (2019)
Beckett, D., Sezer, S.: HTTP/2 Tsunami: investigating HTTP/2 proxy amplification DDoS attacks. In: 2017 Seventh International Conference on Emerging Security Technologies (EST). https://doi.org/10.1109/est.2017.8090411 (2017)
Limkar, S., Jha, R.K.: An effective defence mechanism for detection of DDoS attack on application layer based on hidden Markov model. In: Advance Intelligent Soft Computing. 132 AISC, pp. 943–950. https://doi.org/10.1007/978-3-642-27443-5_108 (2012)
Aamir, M., Zaidi, S.M.A.: DDoS attack detection with feature engineering and machine learning: the framework and performance evaluation. Int. J. Inf. Secur. 18, 761–785 (2019). https://doi.org/10.1007/s10207-019-00434-1
Sen, S., Gupta, K.D., Manjurul Ahsan, M.: Leveraging machine learning approach to setup software-defined network (SDN) controller rules during DDoS attack. Algorithms Intell. Syst. 2019, 49–60 (2019). https://doi.org/10.1007/978-981-13-7564-4_5
Banitalebi Dehkordi, A., Soltanaghaei, M.R., Boroujeni, F.Z.: The DDoS attacks detection through machine learning and statistical methods in SDN. Springer US. https://doi.org/10.1007/s11227-020-03323-w (2021)
Zhijun, W., Qing, X., Jingjie, W., Meng, Y., Liang, L.: Low-rate DDoS attack detection based on factorization machine in software defined network. IEEE Access 8, 17404–17418 (2020). https://doi.org/10.1109/ACCESS.2020.2967478
Nezhad, S.M.T., Nazari, M., Gharavol, E.A.: A novel DoS and DDoS attacks detection algorithm using ARIMA Time series model and chaotic system in computer networks. IEEE Commun. Lett. 20, 700–703 (2016). https://doi.org/10.1109/LCOMM.2016.2517622
Sahoo, K.S., Tripathy, B.K., Naik, K., Ramasubbareddy, S., Balusamy, B., Khari, M., Burgos, D.: An evolutionary SVM model for DDOS attack detection in software defined networks. IEEE Access 8, 132502–132513 (2020). https://doi.org/10.1109/ACCESS.2020.3009733
Polat, H., Polat, O., Çetin, A.: Detecting DDoS attacks in software-defined networks through feature selection methods and machine learning models. Sustainability 12, 1035 (2020)
Perakovic, D., Perisa, M., Cvitic, I., Husnjak, S.: Artificial neuron network implementation in detection and classification of DDoS traffic. IN: 24th Telecommunication. Forum, TELFOR 2016. https://doi.org/10.1109/TELFOR.2016.7818791 (2017)
Wang, L., Liu, Y.: A DDoS attack detection method based on information entropy and deep learning in SDN. In: 2020 IEEE 4th information technology, networking, electronic and automation control conference (ITNEC), Chongqing, China, pp. 1084–1088 (2020)
Saied, A., Overill, R.E., Radzik, T.: Detection of known and unknown DDoS attacks using artificial neural networks. Neurocomputing 172, 385–393 (2016). https://doi.org/10.1016/j.neucom.2015.04.101
Stevanovic, D., Vlajic, N., An, A.: Detection of malicious and non-malicious website visitors using unsupervised neural network learning. Appl. Soft Comput. J. 13, 698–708 (2013). https://doi.org/10.1016/j.asoc.2012.08.028
Kyaw, A.T., Zin Oo, M., Khin, C.S.: Machine-learning based DDOS attack classifier in software defined network. In: 17th International Conference on Electrical Engineering and Computer Telecommunication Information Technology ECTI-CON 2020, pp. 431–434. https://doi.org/10.1109/ECTI-CON49241.2020.9158230 (2020)
Valdovinos, I.A., Pérez-Díaz, J.A., Choo, K.K.R., Botero, J.F.: Emerging DDoS attack detection and mitigation strategies in software-defined networks: taxonomy, challenges and future directions. In: Journal of Network and Computer Applications (Vol. 187). Academic Press. https://doi.org/10.1016/j.jnca.2021.103093 (2021)
Swami, R., Dave, M., Ranga, V.: Detection and analysis of TCP-SYN DDoS attack in software-defined networking. Wirel. Pers. Commun. 118(4), 2295–2317 (2021). https://doi.org/10.1007/s11277-021-08127-6
Gandhi, P., Bhatia, S., Kumar, A., Alojail, M., Singh Rathore, P., Kaur, G., Gupta, P.: 6 Classifier for DDoS Attack Detection in Software Defined Networks (2021)
Dalmazo, B.L., Marques, J.A., Costa, L.R., Bonfim, M.S., Carvalho, R.N., da Silva, A.S., Fernandes, S., Bordim, J.L., Alchieri, E., Schaeffer-Filho, A., Paschoal Gaspary, L., Cordeiro, W.: A systematic review on distributed denial of service attack defense mechanisms in programmable networks. Int. J. Netw. Manag. (2021). https://doi.org/10.1002/nem.2163
Shohani, R.B., Mostafavi, S., Hakami, V.: A statistical model for early detection of DDoS attacks on random targets in SDN. Wirel. Pers. Commun. 120(1), 379–400 (2021). https://doi.org/10.1007/s11277-021-08465-5
Kshirsagar, D., Kumar, S.: A feature reduction based reflected and exploited DDoS attacks detection system. J. Ambient. Intell. Humaniz. Comput. (2021). https://doi.org/10.1007/s12652-021-02907-5
Singh, J., Behal, S.: Detection and mitigation of DDoS attacks in SDN: a comprehensive review, research challenges and future directions. In: Computer Science Review (Vol. 37). Elsevier Ireland Ltd. https://doi.org/10.1016/j.cosrev.2020.100279 (2020)
Praseed, A., Thilagam, P.S.: DDoS attacks at the application layer: challenges and research perspectives for safeguarding web applications. IEEE Commun. Surv. Tutor. 21(1), 661–685 (2019). https://doi.org/10.1109/COMST.2018.2870658
Tripathi, N., Hubballi, N.: Application layer denial-of-service attacks and defense mechanisms: a survey. ACM Comput. Surv. 54(4), 33 (2022). https://doi.org/10.1145/3448291
Dumka, A., Ashok, A., Verma, P.: Performance analysis of DDoS attack on SDN and proposal of cracking algorithm. Int. J. Inf. Technol. Project Manag. 11(4), 1–12 (2020). https://doi.org/10.4018/IJITPM.2020100101
Kareem, M., Adebukola Onashoga, S., Carolyn Oloruntoba-Tinubu, O.: IJIS-PDF (2020) 45 Detecting DDoS Attacks in Software-Defined Networking. https://www.researchgate.net/publication/354511342 (2020)
Wang, J., Liu, Y., Feng, H.: IFACNN: efficient DDoS attack detection based on improved firefly algorithm to optimize convolutional neural networks. Math. Biosci. Eng. 19(2), 1280–1303 (2021). https://doi.org/10.3934/mbe.2022059
Ajiya Ahmad, A., Boukari, S., Musa Bello, A., Aliyu Muhammad, M.: A survey of intrusion detection techniques on software defined networking (SDN). In: International Journal of Innovative Science and Research Technology (Vol. 6, Issue 8). www.ijisrt.com (2021)
Sun, S., Zhang, X., Huang, W., Xu, A., Wang, X., Han, L.: A passive DDoS attack detection approach based on abnormal analysis in SDN environment. J. Phys. Conf. Ser. 2010, 1 (2021). https://doi.org/10.1088/1742-6596/2010/1/012146
Florance, G., Anandhi, R.J.: Study on SDN with security issues. Using Mininet. (2021). https://doi.org/10.3233/apc210186
Kaur, S.: Software defined networking and MININET simulator—a review. Suraj Punj J. Multidiscip. Res. 8(8), 148–152 (2018)
Ahuja, N., Singal, G., Mukhopadhyay, D., Kumar, N.: Automated DDOS attack detection in software defined networking. J. Netw. Comput. Appl. (2021). https://doi.org/10.1016/j.jnca.2021.103108
Park, S., Kim, Y., Choi, H., Kyung, Y., Park, J.: HTTP DDoS flooding attack mitigation in software-defined networking. IEICE Trans. Inf. Syst. E104D(9), 1496–1499 (2021). https://doi.org/10.1587/transinf.2021EDL8022
Wang, Y.C., Ye, R.X.: Credibility-based countermeasure against slow HTTP DoS attacks by using SDN. In: 2021 IEEE 11th Annual Computing and Communication Workshop and Conference, CCWC 2021, pp. 890–895. https://doi.org/10.1109/CCWC51732.2021.9375911 (2021)
Bawany, N., Shamsi, J., Salah, K.: DDoS attack detection and mitigation using SDN: methods, practices, and solutions. Arab. J. Sci. Eng. (2017). https://doi.org/10.1007/s13369-017-2414-5
Dantas Silva, F.S., Silva, E., Neto, E.P., Lemos, M., Venancio Neto, A.J., Esposito, F.: A taxonomy of DDoS attack mitigation approaches featured by SDN technologies in IoT scenarios. In: Sensors (Switzerland) (Vol. 20, Issue 11). MDPI AG. https://doi.org/10.3390/s20113078 (2020)
Aryal, B., Abbas, R., Collings, I.B.: SDN enabled DDoS attack detection and mitigation for 5G networks. J. Commun. 16(7), 267–275 (2021). https://doi.org/10.12720/jcm.16.7.267-275
Ramprasath, J., Seethalakshmi, V.: Improved network monitoring using software-defined networking for DDoS detection and mitigation evaluation. Wirel. Pers. Commun. 116(3), 2743–2757 (2021). https://doi.org/10.1007/s11277-020-08042-2
Umarnani, V., Jitendra, D. R., & Chouhan, S.: (n.d.). Security in software defined networks (SDN): challenges and research opportunities. In: International Journal of Innovative Research in Computer and Communication Engineering.
Sudar, K.M., Beulah, M., Deepalakshmi, P., Nagaraj, P., Chinnasamy, P.: Detection of distributed denial of service attacks in SDN using machine learning techniques. In: 2021 International Conference on Computer Communication and Informatics, ICCCI 2021. https://doi.org/10.1109/ICCCI50826.2021.9402517 (2021)
Ahmad, A.A.: Solution model for intrusion detection in software defined networking (SDN) using machine learning related papers solution model for intrusion detection in software defined networking (SDN) using machine learning. In: Quest Journals Journal of Software Engineering and Simulation (Vol. 7, Issue 8). www.questjournals.org (2021)
Hande, Y., Muddana, A.: A survey on intrusion detection system for software defined networks (SDN). Int. J. Bus. Data Commun. Netw. 16(1), 28–47 (2020). https://doi.org/10.4018/IJBDCN.2020010103
Oo, M.M., Kamolphiwong, S., Kamolphiwong, T., Vasupongayya, S.: Month (Year), pp. xx-yy. Int. J. Netw. Distribut. Comput. 8(2), 86–93 (2020)
Author information
Authors and Affiliations
Contributions
All authors of this research paper have directly participated in the planning, study selection, quality assessment, and review process in this study. All authors of this paper have read and approved the final version submitted. The research work was conducted under the supervision of: Dr. Amanpreet Kaur Sandhu, Associate Professor, University Institute of Computing, Chandigarh University, Gharuan, and Dr. Abhinav Bhandari, Assistant Professor, Department of Computer Engineering, Punjabi University, Patiala.
Corresponding author
Ethics declarations
Conflict of interest
Sarabjeet Kaur, Amanpreet Kaur Sandhu, Abhinav Bhandari declare that they have no conflict of interest.
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Kaur, S., Sandhu, A.K. & Bhandari, A. Investigation of application layer DDoS attacks in legacy and software-defined networks: A comprehensive review. Int. J. Inf. Secur. 22, 1949–1988 (2023). https://doi.org/10.1007/s10207-023-00728-5
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-023-00728-5