Software-Defined Networks and Methods to Mitigate Attacks on the Network
Software-defined network (SDN) is becoming an advance technology. It is not only used to manage IP networks but also manages data centers as well as cloud data and it can be applied in various types of networks. Earlier approaches for IP networks were more complex and IP networks are now a big network; thus, it is very difficult to manage those networks in terms of configuring thenetwork devices, applying policies on the network dynamically and get the knowledge of the faults, load and changes in the network. Software-defined approach made it easy to manage and configure the network. The role of the SDN controller in network devices can be extended with an application that effectively solves a particular problem and provide a flexible management service. One of the protocols used for this technology is OpenFlow. It basically works on southbound interface, i.e., between controller and network devices. Many solutions to utilize the network and exploit as much information possible from the network is one of the aim of researchers and many solutions have been proposed for the same. One of the most important and distinct features is to detect denial-of-service (DoS) attack quickly and precisely. In this paper, we are going to give an introduction about how and why SDN is trending and also analysis of solutions to detect and save a network from DDoS attacks.
KeywordsData plane DoS Northbound interface OpenFlow Software-defined networks Southbound interface etc.
We would like to express our gratitude to our Principal Scientist, Mr. Manoj Jain, and our Senior Member Research Staff, Mrs. Uma Devi B., who gave us immense opportunity to do this wonderful research on the topic Software-Defined Networking [SDN], which engaged us in doing a lot of researches and helped us in every possible way.
- 1.Benson, T., Akella, A., Maltz, D.: Unraveling the complexity of network management. In: Proceedings 6th USENIX Symposiu Networked Systems Design Implement, pp. 335–348 (2009)Google Scholar
- 2.Kreutz, B.D., Ramos, F.M.V., Verssimo, P.E., Rothenberg, C.E., Azodolmolky, S., Uhlig, S.: Software-DefinedNetworking: a comprehensive surveyGoogle Scholar
- 5.Neustar annual ddos attacks and impact report. https://www.neustar.biz/resources/whitepapers/ddos-protection/2014-annual-ddos-attacks-and-impact-report.pdf
- 6.RFC: OpenFlow Switch Specification ver 1.5.1Google Scholar
- 7.Software Defined networking. https://www.opennetworking.orgl
- 8.Kreutz, D., Ramos, F.M.V., Verissimo, P.: Towards secure and dependable software-defined networks. ACM, HotSDN’13, pp. 1–6 (2013)Google Scholar
- 10.Wang, Y., Zhang, Y., Singh, V., Lumezanu, C., Jiang, G.: NetFuse: short-circuiting traffic surges in the cloud. In: IEEE International Conference on communications, pp. 3514–3518 (2013)Google Scholar
- 11.Braga, R., Mota, E., Passito, A.: Lightweight DDoS flooding attack detection using NOX/OpenFlow. Proc. IEEE LCN 3(1), 408–415 (2010)Google Scholar
- 12.Tcamwiki. http://en.wikipedia.org/wiki/TCAM
- 13.Kaushik, V.K., Sharma, H.K., Gopalani, D.: Load balancing in cloud- computing using high level fragmentation of datasetGoogle Scholar
- 14.Malik, S.: Dynamic load balancing in a network of workstation, 95.515 Research Report, 19th November, 2000Google Scholar
- 15.Rajoriya, S.: Load balancing techniques in cloud computing: an overview. Int. J. Sci. Res. 3(7) (2014)Google Scholar
- 16.Mousavi, S.M., St-Hilaire, M.: Early detection of DDoS attacks against SDN controllers. In: International Conference on Computing, Networking and Communications, Communications and Information Security Symposium (2015)Google Scholar