Detection of DDoS Attack Using SDN in IoT: A Survey

  • P. J. Beslin PajilaEmail author
  • E. Golden Julie
Conference paper
Part of the Lecture Notes on Data Engineering and Communications Technologies book series (LNDECT, volume 33)


IOT: Internet of Things is a developing technique, it is the system of vehicles, home apparatuses, physical gadgets, and different things installed with hardware, programming, sensors, actuators, and system availability which empower these items to associate and trade data. IOT is made out of vast number of various end frameworks associated with web. Physical gadgets installed with RFID, sensor, etc. which enables item to communicate with one another. Security is a serious issue because all the heterogeneous end systems are communicated with each other through internet.


RFID Internet of Things IoT DDoS Security DDoS attack SDN 


  1. 1.
    Chuah, J.W.: The Internet of Things: an overview and new perspectives in systems design. In: International Symposium on Integrated Circuits (2014). 978-1-4799-4833-8/14Google Scholar
  2. 2.
    Agrawal, S., Das, M.L.: Internet of Things – A Paradigm Shift of Future Internet Applications, Institute of Technology, Nirma University, Ahmedabad 382 481, 08-10 (2011)Google Scholar
  3. 3.
    Xu, X.: Study on security problems and key technologies of the Internet of Things. In: International Conference on Computation and Information Sciences (2013)Google Scholar
  4. 4.
    Kanuparthi, A., Karri, R., Addepalli, S.: Hardware and embedded security in the context of Internet of Things. In: CyCAR 2013: Proceedings of the 2013 ACM Workshop on Security, Privacy & Dependability for Cyber Vehicles, pp. 61–64 (2013)Google Scholar
  5. 5.
    Zhou, J., Cao, Z., Dong, X., Vasilakos, A.V.: Security and privacy for cloud-based IoT: challenges, countermeasures, and future directions, impact of next-generation mobile technologies on IoT: cloud convergenceGoogle Scholar
  6. 6.
    Yu, W., Köse, S.: A lightweight masked AES implementation for securing IoT against CPA attacks. IEEE Trans. Circ. Syst. I Regul. Pap. 64(11), 2934–2944 (2017)MathSciNetGoogle Scholar
  7. 7.
    Xu, T., Gao, D., Dong, P., Zhang, H., Foh, C.H., Chao, H.-C.: Defending against new-flow attack in SDN-based Internet of Things, special section on security and privacy in applications and services for future Internet of Things, vol. 5 (2017)Google Scholar
  8. 8.
    Sicari, S., Rizzardi, A., Miorandi, D., Coen-Porisini, A.: Dynamic policies in Internet of Things: enforcement and synchronization. IEEE Internet of Things J. 4(6), 2228–2238 (2017)Google Scholar
  9. 9.
    Ngu, A.H.H., Gutierrez, M., Metsis, V., Nepal, S., Sheng, Q.Z.: IoT middleware: a survey on issues and enabling technologies. IEEE Internet of Things J. 4(1), 1 (2017)Google Scholar
  10. 10.
    Fermantle, P., Scott, P.: A security survey of middleware for the Internet of Things. PeerJ PrePrints 3, e1521 (2015)Google Scholar
  11. 11.
    Razzaque, M.A., Milojevic-Jevric, M., Palade, A., Clarke, S.: Middleware for Internet of Things: a survey. IEEE Internet of Things J. 3(1), 1 (2016)Google Scholar
  12. 12.
    Moldovan, G., Tragosy, E.Z., Fragkiadakisy, A., Pöhlsz, H.C., Calvox, D.: An IoT middleware for enhanced security and privacy: the RERUM approach (2016). ISSN: 2157-4960Google Scholar
  13. 13.
    Shin, S., Gu, G.: Attacking software-defined networks: a first feasibility study. In: Proceedings of the 2nd ACM SIGCOMM Workshop Hot Topics Software Defined Networks, New York, NY, USA, pp. 165–166 (2013)Google Scholar
  14. 14.
    Pena, J.G.V., Yu, W.E.: Development of a distributed firewall using software defined networking technology. In: Proceedings of the 4th IEEE International Conference on Information Science and Technology (ICIST), Shenzhen, China, pp. 449–452 (2014)Google Scholar
  15. 15.
    Seufert, S., O’Brain, D.: Machine learning for automatic defence against Distributed Denial of Service attacks. In: IEEE International Conference on Communications (2007)Google Scholar
  16. 16.
    Yuan, X., Li, C., Li, X.: DeepDefense: identifying DDoS attack via deep learning. In: IEEE International Conference on Smart Computing (SMARTCOMP) (2017). 29-31 Electronic ISBN 978-1-5090-6517-2, Print on Demand (PoD) ISBN 978-1-5090-6518-9Google Scholar
  17. 17.
    Hoyos Ll, M.S., Isaza E, G.A., Vélez, J.I., Castillo O, L.: Distributed Denial of Service (DDoS) attacks detection using machine learning prototypeGoogle Scholar
  18. 18.
    Jararweh, Y., Al-Ayyoub, M., Darabseh, A., Benkhelifa, E., Vouk, M., Rindos, A.: SDIoT: a software defined based Internet of Things framework. Springer, Heidelberg (2015). Print ISSN 1868-5137, Online ISSN 1868-5145Google Scholar
  19. 19.
  20. 20.
  21. 21.
  22. 22.
    Irish Government Websites temporarily offline due to DDoS-attack (2016).
  23. 23.
    Thai Government Websites hit by denial-of-service attack (2016).
  24. 24.
  25. 25.
  26. 26.
    Zargar, S.T., Joshi, J., Tipper, D.: A survey of defense mechanisms against Distributed Denial of Service (DDoS). IEEE Commun. Surv. Tutor. 15(4), 2046–2069 (2013)Google Scholar
  27. 27.
    Kaufman, C., Perlman, R., Sommerfeld, B.: DoS protection for UDP-based protocols. In: Proceedings of the 10th ACM Conference on Computer and Communication Security—CCS 2003, p. 2 (2003)Google Scholar
  28. 28.
    Peng, T., Leckie, C., Ramamohanarao, K.: Survey of network-based defense mechanisms countering the DoS and DDoS problems. ACM Comput. Surv. 39(1), 3es (2007)Google Scholar
  29. 29.
    Czyz, J., Kallitsis, M., Papadopoulos, C., Bailey, M.: Taming the 800 Pound Gorilla: the rise and decline of NTP DDoS attacks. In: IMC, pp. 435–448 (2014)Google Scholar
  30. 30.
    ArunRaj Kumar, P., Selvakumar, S.: Distributed Denial of Service attack detection using an ensemble of neural classifier. Comput. Commun. 34(11), 1328–1341 (2011)Google Scholar
  31. 31.
    Braga, R., Mota, E., Passito, A.: Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: LCN 2010 Proceedings of the 2010 IEEE 35th Conference on Local Computer Networks, Washington, pp. 408–415. IEEE (2010)Google Scholar
  32. 32.
    Dotcenko, S., Vladyko, A., Letenko, I.: A fuzzy logic-based information security management for software-defined networks. In: 16th International Conference on Advanced Communication Technology (ICACT), pp. 167–171. IEEE (2014)Google Scholar
  33. 33.
    Xu, X., Sun, Y., Huang, Z.: Defending DDoS attacks using hidden Markov models and cooperative reinforcement learning. In: Proceedings of the 2007 Pacific Asia Conference on Intelligence and Security Informatics, PAISI 2007, pp. 196–207 (2007). ISBN 978-3-540-71548-1Google Scholar
  34. 34.
    Bera, S., Misra, S., Vasilakos, A.V.: Software-defined networking for Internet of Things: a survey. IEEE Internet of Things J. 4(6), 1994–2008 (2017). Electronic ISSN: 2327-4662Google Scholar
  35. 35.
    Dillon, C., Berkelaar, M.: OpenFlow (D)DoS Mitigation, February 2014.
  36. 36.
    Yen, T.-F., Reiter, M.K.: Traffic aggregation for malware detection. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 207–227. Springer, Heidelberg (2008)Google Scholar
  37. 37.
    Shin, S., Porras, P., Yegneswaran, V., Fong, M., Gu, G., Tyson, M., Texas, A., Station, C., Park, M.: Fresco: modular composable security services for software-defined networks. In: Network and Distributed System Security Symposium, pp. 1–16 (2013)Google Scholar
  38. 38.
    Gu, G., Perdisci, R., Zhang, J., Lee, W.: BotMiner: clustering analysis of network traffic for protocol- and structure-independent Botnet detection. In: USENIX Security Symposium, vol. 5(2), pp. 139–154 (2008)Google Scholar
  39. 39.
    Jin, R., Wang, B.: Malware detection for mobile devices using software-defined networking. In: Proceedings of the 2013 Second GENI Research and Educational Experiment Workshop, GREE 2013, Washington, pp. 81–88. IEEE (2013)Google Scholar
  40. 40.
    Lim, S., Ha, J., Kim, H., Kim, Y., Yang, S.: A SDN-oriented DDoS blocking scheme for Botnet-based attacks. In: Sixth International Conference on Ubiquitous and Future Networks (ICUFN), pp. 63–68. IEEE (2014)Google Scholar
  41. 41.
    Mehdi, S.K., Khalid, J., Khayam, S.A.: Revisiting traffic anomaly detection using software defined networking. In: Proceedings of the 14th International Conference on Recent Advances in Intrusion Detection, pp. 161–180 (2011)Google Scholar
  42. 42.
    Schechter, S.E., Jung, J., Berger, A.W.: Fast detection of scanning worm infections. In: International Workshop on Recent Advances in Intrusion Detection. Springer, Heidelberg (2004)Google Scholar
  43. 43.
    Giotis, K., Argyropoulos, C., Androulidakis, G., Kalogeras, D., Maglaris, V.: Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput. Netw. 62, 122–136 (2014)Google Scholar
  44. 44.
    Chin, T., Mountrouidou, X., Li, X., Xiong, K.: Selective packet inspection to detect DoS flooding using software defined networking (SDN). In: 2015 IEEE 35th International Conference on distributed Computing Systems Workshops (ICDCSW), pp. 95–99. IEEE (2015)Google Scholar
  45. 45.
    Singh, K.J., De, T.: DDOS attack detection and mitigation technique based on Http count and verification using CAPTCHA. In: 2015 International Conference on Computational Intelligence and Networks (2015)Google Scholar
  46. 46.
    Yin, D., Zhang, L., Yang, K.: A DDoS attack detection and mitigation with software-defined Internet of Things framework. In: IEEE Access, Special Section on Security and Trusted Computing for Industrial Internet of Things, pp. 24694–24705, 30 April 2018Google Scholar
  47. 47.
    Zhang, J., Zhang, X., Imran, M.A., Evans, B., Zhang, Y., Wang, W.: Energy efficient hybrid satellite terrestrial 5G networks with software defined features. J. Commun. Netw. 19(2), 147–161 (2017)Google Scholar
  48. 48.
    Huo, R., et al.: Software defined networking, caching, and computing or green wireless networks. IEEE Commun. Mag. 54(11), 185–193 (2016)Google Scholar
  49. 49.
    Guest Editorial: IEEE Systems Journals Special Issue on “Intelligent Internet of Things”. IEEE Syst. J. 10(3) (2016)Google Scholar
  50. 50.
    Chung, C.-J., Khatkar, P., Xing, T., Lee, J., Huang, D.: NICE: network intrusion detection and countermeasure. IEEE Trans. Dependable Secure Comput. 10(4), 198–211 (2013)Google Scholar
  51. 51.
    Xing, T., Huang, D., Xu, L., Chung, C.J., Khatkar, P.: SnortFlow: a OpenFlow-based intrusion prevention system in cloud environment. In: Proceedings of the 2013 2nd GENI Research and Educational Experiment Workshop, GREE 2013, pp. 89–92 (2013)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringFrancis Xavier Engineering CollegeTirunelveliIndia
  2. 2.Department of Computer Science and EngineeringRegional Campus, Anna UniversityTirunelveliIndia

Personalised recommendations