Skip to main content
SpringerLink
Log in

Toward secure software-defined networks against distributed denial of service attack

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

The newly emerged software-defined networking (SDN) paradigm provides a flexible network management by decoupling the network control logic from the data plane, which could effectively resolve many security issues of legacy networks. One of such security issues is distributed denial of service (DDoS) attack, which is a rapidly growing network threat. This is usually performed on a target system to make an online service unavailable to the users. SDN can easily detect the DDoS attack due to the centralized control provisioning and network visibility. At the same time, the changes of fundamental architecture and the developments of various design entities pose a severe DDoS threat to the SDN platform. This paper presents a concise up-to-date review of security concerns of SDN, possible DDoS attack in individual layers of SDN and ongoing research efforts on SDN-enabled DDoS detection solutions. Based on the findings, an information distance-based flow discriminator framework has been discussed, which can discriminate the DDoS traffic during flash events, a similar looking legitimate traffic, in SDN environment. The information distance metric is used to describe the variations of traffic behavior of such events. The simulation results show that the information distance metric can effectively identify the DDoS traffic in comparison with other metrics with a higher detection rate. The proposed solution can detect the traffic at the edge switch so that the attack alert can be raised at the earliest.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12

Similar content being viewed by others

References

  1. Mirkovic J, Reiher P (2004) A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Comput Commun Rev 34(2):39–53

    Article  Google Scholar 

  2. Akhunzada A, Ahmed E, Gani A (2015) Securing software defined networks: taxonomy, requirements and open issues. IEEE Commun Mag 53(4):36–44

    Article  Google Scholar 

  3. Zargar ST, Joshi J, Tipeer D (2013) A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Commun Surv Tutor 15(4):2046–2069

    Article  Google Scholar 

  4. Shtem M, Sandel R, Litoiu M (2014) Towards mitigation of low and slow application DDoS attacks. In: IEEE International Conference on Cloud Engineering, pp 604–609

  5. Palmieri F, Ricciardi S, Fiore U, Ficco M, Castiglione A (2015) Energy-oriented denial of service attacks: an emerging menace for large cloud infrastructures. J Supercomput 71(5):1620–1641

    Article  Google Scholar 

  6. Modi C, Patel D, Borisaniya B, Patel A, Rajarajan M (2013) A survey on security issues and solutions at different layers of cloud computing. J Supercomput 63(2):561–592

    Article  Google Scholar 

  7. Hunag CY, Chi TM, Ting CY, Chieh CY, Ren CY (2010) A novel design for future on-demand service and security. In: IEEE 12th International Conference on Communication Technology, pp 385–388

  8. Ali ST, Sivaraman V, Radford A (2015) A survey of securing networks using software defined networking. IEEE Trans Reliab 64(3):1086–1097

    Article  Google Scholar 

  9. Hussein A, Elhajj IH, Chehab A, Kayssi A (2016) SDN security plane: an architecture for resilient security services. In: IEEE International Conference on Cloud Engineering Workshop, pp 54–59

  10. Fernandez EB (2011) Security in data intensive computing systems. In: Furht B, Escalante A (eds) Handbook of data intensive computing. Springer, Berlin, pp 447–466

  11. Incapsula. https://www.incapsula.com/blog/ddos-impact-cost-of-ddos-attack.html. Accessed on 20 Oct 2017

  12. Singh S, Sharma PK, Moon SY, Moon D, Park JH (2016) A comprehensive study on APT attacks and countermeasures for future networks and communications: challenges and solutions. J Supercomput. https://doi.org/10.1007/s11227-016-1850-4

  13. Yan Q, Yu FR, Gong Q (2016) Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: a survey, some research issues and challenges. IEEE Commun Sur Tutor 18(1):602–622

    Article  Google Scholar 

  14. Peng T, Leckie C, Ramamohanarao K (2007) Survey of network-based defense mechanisms countering the DoS and DDoS problems. ACM Comput Surv 39(1):1–42

    Article  Google Scholar 

  15. Jarraya Y, Madi T, Debbabi M (2014) A survey and a layered taxonomy of software-defined networking. IEEE Commun Surv Tutor 16(4):1955–1980

    Article  Google Scholar 

  16. Kobo HI, Abu-Mahfouz AM, Hancke GP (2017) A survey on software-defined wireless sensor networks: challenges and design requirements. IEEE Access 5:1872–1899

    Article  Google Scholar 

  17. Sahoo KS, Mohanty S, Tiwary M, Mishra BK, Sahoo B (2016) A comprehensive tutorial on software defined network: the driving force for the future internet technology. In: International Conference on Advances in Information Communication Technology and Computing. ACM, Article No. 114

  18. Vaughan-Nichols SJ (2011) OpenFlow: the next generation of the network? IEEE Comput 44(8):13–15

    Article  Google Scholar 

  19. Wibowo FXA, Gregory MA, Ahmed K, Gomez KM (2017) Multi-domain software defined networking: research status and challenges. J Netw Comput Appl 87:32–45

    Article  Google Scholar 

  20. Xia W, Wen Y, Foh CH (2015) A survey on software-defined networking. IEEE Commun Surv Tutor 17(1):27–51

    Article  Google Scholar 

  21. Hasan SF (2014) Software-defined networking, emerging trends in communication networks. Springer, Berlin, pp 19–32

    Google Scholar 

  22. Pica8. http://www.blucorona.com/solutions/pica8/p-3295.shtml. Accessed on 10 April 2018

  23. Software Defined Networking (SDN) Configuration Guide. http://pleiades.ucsc.edu/doc/brocade/netiron-05900-sdnguide.pdf. Accessed on 10 Jan 2018

  24. HPE 3800 Series. https://h20195.www2.hpe.com/v2/GetPDF.aspx/4AA3-7115ENW.pdf. Accessed on 10 Jan 2018

  25. Exploring Software-Defined Networking with Brocade. https://cio.economictimes.indiatimes.com/files/cp/12/cdoc-1457526264-BRCD_ExploringSDN_WP.pdf. Accessed on 10 Jan 2018

  26. OpenFlow 1.3 Features Supported in EXOS. https://gtacknowledge.extremenetworks.com/articles/Solution/OpenFlow-1-3-features-supported-in-EXOS. Accessed on 10 March 2018

  27. IBM System Networking RackSwitch. https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=an&subtype=ca&appname=gpateam&supplier=897&letternum=ENUS114-011. Accessed on 10 March 2018

  28. OpenFlow Support on Juniper Network Devices. https://www.juniper.net/documentation/en_US/release-independent/junos/topics/reference/general/junos-sdn-openflow-supported-platforms.html. Accessed on 10 April 2018

  29. Arista 7150 Series. https://www.arista.com/en/products/7150-series. Accessed on 10 April 2018

  30. Xie J, Guo D, Hu Z, Qu T, Lv P (2015) Control plane of software defined networks: a survey. Comput Commun 67:1–10

    Article  Google Scholar 

  31. Wallner R, Cannistra R (2013) An SDN approach: quality of service using big switch’s floodlight open-source controller. Asia-Pacif Adv Netw 35:14–19

    Google Scholar 

  32. Medved J, Varga R, Tkacik A, Gray K (2014) OpenDaylight: towards a model-driven SDN controller architecture. In: IEEE international symposium on a world of wireless, mobile and multimedia networks, pp 1–6

  33. Kaur S, Singh J, Ghumman NS (2014) Network programmability using POX controller. In: International Conference on Communication, Computing and Systems. IEEE

  34. Tavakoli A, Casado M, Koponen T, Shenker S (2009) Applying NOX to the datacenter. Proc. of workshop on Hot Topics in Networks (HotNets-VIII)

  35. Erickson D (2013) The Beacon OpenFlow controller. In: The second ACM SIGCOMM workshop on hot topics in software defined networking, pp 13–18

  36. Build SDN Agilely. https://osrg.github.io/ryu/. Accessed on 5 May 2018

  37. MUL. http://www.openmul.org/. Accessed on 1 May 2018

  38. Trema: full-stack OpenFlow framework in Ruby and C. https://trema.github.io/trema/. Accessed on 1 April 2018

  39. Nguyen TMC, Hoang DB, Chaczko Z (2016) Can SDN technology be transported to software-defined WSN/IoT? In: IEEE International Conference on Internet of Things and IEEE Green Computing and Communications and IEEE Cyber, Physical and Social Computing and IEEE Smart Data, pp 234–239

  40. Brocodo Flow Optimizer. https://www.walkerfirst.com/uploads/files/literature/Brocade%20Flow%20Optimizer.pdf. Accessed on 10 May 2018

  41. Brocodo Network Advisor Data Sheet. http://www.dataswitchworks.com/datasheets/Network_Advisor_DS.pdf. Accessed on 19 Aug 2018

  42. Aricent Featured White Paper: Routing Protocols and SDN. https://www.sdxcentral.com/articles/featured/routing-protocols-aricent-white-paper/2015/02/. Accessed on 11 May 2018

  43. HPE Network Optimizer SDN Application—1.3.41 Installation Guide. https://support.hpe.com/hpsc/doc/public/display?docId=c05040243. Accessed on 8 May 2018

  44. HPE Network Protector SDN Application Version 1.3.105 Administrator Guide. https://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-c05201088-1.pdf. Accessed on 30 April 2018

  45. TechM Server Load Balancer. https://community.arubanetworks.com/t5/TechM-Server-Load-Balancer/ct-p/TechMServerLoadBalancer. Accessed on 1 May 2018

  46. HPE Network Visualizer SDN Application 1.1 Administrator Guide. https://support.hpe.com/hpsc/doc/public/display?docId=c05040369. Accessed on 30 April 2018

  47. SDN - Architecture and Role of OpenFLow. https://www.howtoforge.com/tutorial/software-defined-networking-sdn-architecture-and-role-of-openflow/. Accessed on 5 May 2018

  48. Foster N, Harrison R, Freedman MJ, Monsanto C, Rexford J, Story A, Walker D (2011) Frenetic: a network programming language. ACM SIGPLAN Not 46(9):279–291

    Article  MATH  Google Scholar 

  49. Reich J, Monsanto C, Foster N, Rexford J, Walker D (2013) Modular SDN programming with pyretic. Technical Report of USENIX

  50. Panda S, Jana P (2016) An efficient task consolidation algorithm for cloud computing systems. In: Bjørner N, Prasad S, Parida L (eds) International Conference on Distributed Computing and Internet Technology. Springer, Berlin, pp 61–74

  51. Panda S, Jana P (2015) An efficient resource allocation algorithm for IaaS cloud. In: Natarajan R, Barua G, Patra MR (eds) International Conference on Distributed Computing and Internet Technology. Springer, Berlin, pp 351–355

  52. Panda S, Jana P (2015) Efficient task scheduling algorithms for heterogeneous multi-cloud environment. J Supercomput 71(4):1505–1533

    Article  Google Scholar 

  53. Panda S, Jana P (2017) SLA-based task scheduling algorithms for heterogeneous multi-cloud environment. J Supercomput 73(6):2730–2762

    Article  Google Scholar 

  54. Kumar M, Gupta I, Panda S, Jana P (2017) Granularity-based workflow scheduling algorithm for cloud computing. J Supercomput 73(12):5440–5464

    Article  Google Scholar 

  55. Panda S, Jana P (2018) Normalization-based task scheduling algorithms for heterogeneous multi-cloud environment. Inf Syst Front 20(2):373–399

    Article  Google Scholar 

  56. Panda S, Jana P (2018) An energy-efficient task scheduling algorithm for heterogeneous cloud computing systems. Cluster Comput. https://doi.org/10.1007/s10586-018-2858-8

  57. Hungyo M, Pandey M (2016) SDN based implementation of publish/subscribe paradigm using OpenFlow multicast. In: IEEE International Conference on Advanced Networks and Telecommunications Systems, pp 1–6

  58. Voellmy A, Wang J (2012) Scalable software defined network controllers. ACM SIGCOMM Comput Commun Rev 42(4):289–290

    Article  Google Scholar 

  59. Metzler J, Metzler A (2013) Ten things to look for in an SDN controller. https://www.webtorials.com/content/2013/05/ten-things-to-look-for-in-an-sdn-controller.html. Accessed 15 Aug 2018

  60. Jammal M, Singh T, Shami A, Asal R, Li Y (2014) Software defined networking: state of the art and research challenges. Comput Netw 72:74–98

    Article  Google Scholar 

  61. Monsanto C, Reich J, Foster N, Rexford J, Walker D (2013) Composing software defined networks. In: 10th USENIX Conference on Networked Systems Design and Implementation, pp 1–13

  62. Shin S, Song Y, Lee T, Lee S, Chung J, Porras P, Yegneswaran V, Noh J, Kang BB (2014) Rosemary: a robust, secure and high-performance network operating system. In: ACM SIGSAC Conference on Computer and Communications Security, pp 78–89

  63. Xie H, Tsou T, Yin H, Lopez D (2018) Use cases for ALTO with software defined networks. https://tools.ietf.org/html/draft-xie-alto-sdn-use-cases-00. Accessed on 19 Aug 2018

  64. Akhunzada A, Gani A, Anuar NB, Abdelaziz A, Khan MK, Hayat A, Khan SU (2016) Secure and dependable software defined networks. J Netw Comput Appl 61:199–221

    Article  Google Scholar 

  65. Scott-Hayward S, Natarajan S, Sezer S (2016) A survey of security in software defined networks. IEEE Commun Surv Tutor 18(1):623–654

    Article  Google Scholar 

  66. Dayal N, Maity P, Srivastava S, Khondoker R (2017) Research trends in security and DDoS in SDN. Secur Commun Netw 9(18):6386–6411

    Article  Google Scholar 

  67. Sahoo K, Behera R, Sahoo B, Tiwary M (2018) Distributed denial-of-service threats and defense mechanisms in software-defined networks: a layer-wise review. In: Handbook of e-business security, pp 101–135

  68. Fultz N, Grossklags J (2009) Blue versus red: towards a model of distributed security attacks. In: International Conference on Financial Cryptography and Data Security. Lecture Notes in Computer Science, vol 5628, pp 167–183

  69. Greenemeier L (2007) Estonian attacks raise concern over cyber nuclear winter. Information Week. https://www.informationweek.com/estonian-attacks-raise-concern-over-cyber-nuclear-winter/d/d-id/1055474. Accessed 20 Aug 2018

  70. Baraniuk C (2017) DDoS: website-crippling cyber-attacks to rise in 2016. https://www.bbc.co.uk/news/technology-35376327. Accessed on 15 Sept 2017

  71. Kupreev O (2018) DDoS Attacks in Q3 2018. https://securelist.com/ddos-report-in-q3-2018/88617/. Accessed on 10 Dec 2018

  72. Harris David L (2018) Boston Globe says it was hit by cyberattacks. https://www.bizjournals.com/boston/news/2017/11/09/boston-globe-says-its-website-was-hit-by.html. Accessed on 15 Dec 2018

  73. Cochran J (2018) The WireX Botnet: how industry collaboration disrupted a DDoS attack. https://blog.cloudflare.com/the-wirex-botnet/. Accessed on 10 Dec 2018

  74. Newland J (2017) Large scale DDoS attack on github.com. https://blog.github.com/2015-03-27-large-scale-ddos-attack-on-github-com/. Accessed on 1 Oct 2017

  75. Schwartz MJ (2017) DDoS attack slams HSBC. https://www.bankinfosecurity.com/ddos-attack-slams-hsbc-a-8835. Accessed on 11 Oct 2017

  76. Weckler A (2017) Multiple government websites down as servers under DDoS attack. https://www.independent.ie/irish-news/news/multiple-government-websites-down-as-servers-under-ddos-attack-34387566.html. Accessed on 5 Oct 2017

  77. Kharpal A (2017) Hack attack leaves 1,400 airline passengers grounded. https://www.cnbc.com/2015/06/22/hack-attack-leaves-1400-passengers-of-polish-airline-lot-grounded.html. Accessed on 15 Oct2 017

  78. Sullivan B (2017) Rio 2016 Olympics suffered sustained 540 Gbps DDoS attacks. https://www.silicon.co.uk/security/rio-olympics-ddos-attacks-196998?inf_by=5b79ab16671db8426b8b5246. Accessed on 1 Oct 2017

  79. Bisson D (2017) The 5 most significant DDoS attacks of 2016. https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/5-significant-ddos-attacks-2016/. Accessed on 10 Oct 2017

  80. Cluley G (2018) UK National Lottery knocked offline by DDoS attack. https://www.welivesecurity.com/2017/10/02/uk-national-lottery-ddos-attack/. Accessed on 10 Dec 2018

  81. Rayome AD (2017) Hackers attempt DDoS attacks on Clinton and Trump campaign websites using Mirai Botnet. https://www.techrepublic.com/article/hackers-attempt-ddos-attacks-on-clinton-and-trump-campaign-websites-using-mirai-botnet/. Accessed on 10 Sept 2017

  82. Kesavan A (2016) Three types of DDoS attacks. https://blog.thousandeyes.com/three-types-ddos-attacks/. Accessed 20 Sept 2018

  83. Shekyan S (2017) Are you ready for slow reading? https://blog.qualys.com/securitylabs/2012/01/05/slow-read. Accessed on 15 Oct 2017

  84. Shin S, Gu G (2013) Attacking software-defined networks: a first feasibility study. In: The second ACM SIGCOMM workshop on hot topics in software defined networking, pp 165–166

  85. Noh J, Lee S, Park J, Shin S, Kang BB (2016) Vulnerabilities of network OS and mitigation with state-based permission system. Secur Commun Netw 9(13):1971–1982

    Google Scholar 

  86. Mehdi SA, Khalid J, Khayam SA (2011) Revisiting traffic anomaly detection using software defined networking. In: Sommer R, Balzarotti D, Maier G (eds) International workshop on recent advances in intrusion detection. Springer, Berlin, pp 161–180

  87. Yao G, Bi J, Xiao P (2011) Source address validation solution with OpenFlow/NOX architecture. In: 19th IEEE International Conference on Network Protocols, pp 7–12

  88. Shin S, Porras P, Yegneswaran V, Fong M, Gu G, Tyson M (2013) FRESCO: modular composable security services for software-defined networks. In: NDSS symposium

  89. Wang B, Zheng Y, Lou W, Hou YT (2015) DDoS attack protection in the era of cloud computing and software-defined networking. Comput Netw 81(C):308–319

    Article  Google Scholar 

  90. Jin R, Wang B (2013) Malware detection for mobile devices using software-defined networking. In: Second GENI research and educational experiment workshop. IEEE, pp 81–88

  91. Handigol N, Heller B, Jeyakumar V, Mazieres D, Mckeown N (2012) Where is the debugger for my software-defined network? In: The first workshop on hot topics in software defined networks. ACM, pp 55–60

  92. Braga R, Mota E, Passito A (2010) Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: IEEE Local Computer Network Conference, pp 408–415

  93. Giotis K, Argyropoulos C, Androulidakis G, Kalogeras D, Maglaris V (2014) Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput Netw 62:122–136

    Article  Google Scholar 

  94. Phan TV, Toan TV, Tuyen DV, Huong TT, Thanh NH (2016) OpenFlowSIA: an optimized protection scheme for software-defined networks from flooding attacks. In: IEEE Sixth International Conference on Communications and Electronics, pp 13–18

  95. Passito A, Mota E, Bennesby R, Fonseca P (2014) AgNOS: a framework for autonomous control of software-defined networks. In: IEEE 28th International Conference on Advanced Information Networking and Applications, pp 405–412

  96. Shin S, Gu G (2012) CloudWatcher: network security monitoring using OpenFlow in dynamic cloud networks (or: how to provide security monitoring as a service in clouds?). In: 20th IEEE International Conference on Network Protocols, pp 1–6

  97. Xu Y, Liu Y (2016) DDoS attack detection under SDN context. In: The 35th Annual IEEE International Conference on Computer Communications, pp 1–9

  98. Fayaz SK, Tobioka Y, Sekar V, Bailey M (2015) Bohatei: flexible and elastic DDoS defense In: 24th USENIX Security Symposium, pp 817–832

  99. Buragohain C, Medhi N (2016) FlowTrApp: an SDN based architecture for DDoS attack detection and mitigation in data centers. In: 3rd International Conference on Signal Processing and Integrated Networks. IEEE, pp 519–524

  100. Chesla A, Doron E (2015) Techniques for traffic diversion in software defined networks for mitigating denial of service attacks, US Patent

  101. Hong K, Kim Y, Choi H (2018) SDN-assisted slow HTTP DDoS attack defense method. IEEE Commun Lett 22(4):688–691

    Article  Google Scholar 

  102. Mohammadi R, Javidan R, Conti M (2017) SLICOTS: an SDN-based lightweight countermeasure for TCP SYN flooding attacks. IEEE Trans Netw Serv Manag 14(2):487–497

    Article  Google Scholar 

  103. DefenseFlow. https://www.radware.com/products/defenseflow/. Accessed on 25 Oct 2017

  104. Skoda M (2017) DDoS protection in SDN based networking. https://www.flowmon.com/en/blog/ddos-protection-sdn-networking/. Accessed on 30 Oct 2017

  105. Ravikumar VC, Mahapatra RN (2004) TCAM architecture for IP lookup using prefix properties. IEEE Micro 24(2):60–69

    Article  Google Scholar 

  106. Spitznagel E, Taylor D, Turner J (2003) Packet classification using extended TCAMs. In: 11th IEEE International Conference on Network Protocols, pp 120–131

  107. Jin X, Liu HH, Gandhi R, Kandula S, Mahajan R, Zhang M, Rexford J, Wattenhofer R (2014) Dynamic scheduling of network updates. ACM SIGCOMM Comput Commun Rev 44(4):539–550

    Article  Google Scholar 

  108. Katta N, Alipourfard O, Rexford J, Walker D (2016) Cacheflow: dependency-aware rule-caching for software-defined networks. In: The symposium on SDN research. ACM, Article No. 6

  109. Wang A, Guo Y, Hao F, Lakshman TV, Chen S (2014) Scotch: elastically scaling up SDN control-plane using vswitch based overlay. In: The 10th ACM International on Conference on Emerging Networking Experiments and Technologies. ACM, pp 403–414

  110. Dixit A, Hao F, Mukherjee S, Lakshman TV, Kompella R (2013) Towards an elastic distributed SDN controller. ACM SIGCOMM Comput Commun Rev 43(4):7–12

    Article  Google Scholar 

  111. Caba C, Soler J (2015) Mitigating SDN controller performance bottlenecks. In: 24th International Conference on Computer Communication and Networks. IEEE, pp 1–6

  112. Dhawan M, Poddar R, Mahajan K, Mann V (2015) SPHINX: detecting security attacks in software-defined networks. NDSS: The Internet Society

  113. Wen X, Chen Y, Hu C, Shi C, Wang Y (2013) Towards a secure controller platform for OpenFlow applications. In: The second ACM SIGCOMM workshop on hot topics in software defined networking, pp 171–172

  114. Kreutz D, Ramos FMV, Verissimo P (2013) Towards secure and dependable software-defined networks. In: Second ACM SIGCOMM workshop on hot topics in software defined networking, pp 55–60

  115. Shin S, Yegneswaran V, Porras P, Gu G (2013) AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks. In: ACM SIGSAC Conference on Computer and Communications Security, pp 413–424

  116. Wei L, Fung C (2015) FlowRanger: a request prioritizing algorithm for controller DoS attacks in software defined networks. In: IEEE International Conference on Communications, pp 5254–5259

  117. Wang H, Xu L, Gu G (2015) FloodGuard: a DoS attack prevention extension in software-defined networks. In: 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp 239–250

  118. Dridi L, Zhani MF (2016) SDN-guard: DoS attacks mitigation in SDN networks. In: 5th IEEE International Conference on Cloud Networking, pp 212–217

  119. Zhang P, Wang H, Hu C, Lin C (2016) On denial of service attacks in software defined networks. IEEE Netw 30(6):28–33

    Article  Google Scholar 

  120. Shang G, Zhe P, Bin X, Aiqun H, Kui R (2017) FloodDefender: protecting data and control plane resources under SDN-aimed DoS attacks. In: IEEE Conference on Computer Communications, pp 1–9

  121. Dao N, Park J, Park M (2015) A feasible method to combat against DDoS attack in SDN network. In: International Conference on Information Networking. IEEE, pp 309–311

  122. Dong P, Du X, Zhang H, Xu T (2016) A detection method for a novel DDoS attack against SDN controllers by vast new low-traffic flows. In: IEEE International Conference on Communications, pp 1–6

  123. Mousavi SM, St-Hilaire M (2015) Early detection of DDoS attacks against SDN controllers. In: International Conference on Computing, Networking and Communications. IEEE, pp 77–81

  124. Kloti R, Kotronis V, Smith P (2013) OpenFlow: a security analysis. In: 21st IEEE International Conference on Network Protocols, pp 1–6

  125. Zhang Y (2013) An adaptive flow counting method for anomaly detection in SDN. In: The Ninth ACM Conference on Emerging Networking Experiments and Technologies, pp 25–30

  126. Shahreza SS, Ganjali Y (2013) Efficient implementation of security applications in OpenFlow controller with FleXam. In: IEEE 21st annual symposium on high-performance interconnects, pp 49–54

  127. Hu H, Han W, Ahn G, Zhao Z (2014) FLOWGUARD: building robust firewalls for software-defined networks. In: The third workshop on hot topics in software defined networking. ACM, pp 97–102

  128. Lara A, Ramamurthy B (2014) OpenSec: a framework for implementing security policies using OpenFlow. In: IEEE Global Communications Conference, pp 781–786

  129. Berde P, Gerola M, Hart J, Higuchi Y, Kobayashi M, Koide T, Lantz B, O’Connor B, Radoslavov P, Snow W, Parulkar G (2014) ONOS: towards an open, distributed SDN OS. In: The third workshop on hot topics in software defined networking. ACM, pp 1–6

  130. Chen K, Junuthula AR, Siddhrau IK, Xu Y, Chao HJ (2016) SDNShield: towards more comprehensive defense against DDoS attacks on SDN control plane. In: IEEE Conference on Communications and Network Security, pp 28–36

  131. Porras P, Shin S, Yegneswaran V, Fong M, Tyson M, Gu G (2012) A security enforcement kernel for OpenFlow networks. In: The first workshop on hot topics in software defined networks. ACM, pp 121–126

  132. Lim S, Ha J, Kim H, Kim Y, Yang S (2014) A SDN-oriented DDoS blocking scheme for botnet-based attacks. In: Sixth International Conference on Ubiquitous and Future Networks. IEEE, pp 63–68

  133. Zaalouk A, Khondoker R, Marx R, Bayarou K (2014) OrchSec: an orchestrator-based architecture for enhancing network-security using network monitoring and SDN control functions. In: IEEE network operations and management symposium, pp 1–9

  134. Liyanage M, Ylianttila M, Gurtov A (2014) Securing the control channel of software-defined mobile networks. In: IEEE international symposium on a world of wireless, mobile and multimedia networks. IEEE, pp 1–6

  135. Bhuyan MH, Kashyap HJ, Bhattacharyya DK, Kalita JK (2014) Detecting distributed denial of service attacks: methods, tools and future directions. Comput J 57(4):537–556

    Article  Google Scholar 

  136. Oshima S, Nakashima T, Sueyoshi T (2010) Early DoS/DDoS detection method using short-term statistics. In: International Conference on Complex, Intelligent and Software Intensive Systems. IEEE, pp 168–173

  137. Nychis G, Sekar V, Andersen DG, Kim H, Zhang H (2008) An empirical evaluation of entropy-based traffic anomaly detection. In: The 8th ACM SIGCOMM Conference on Internet Measurement, pp 151–156

  138. Gu Y, McCallum A, Towsley D (2005) Detecting anomalies in network traffic using maximum entropy estimation. In: The 5th ACM SIGCOMM Conference on Internet Measurement, pp 32–37

  139. Wang R, Jia Z, Ju L (2015) An entropy-based distributed DDoS detection mechanism in software-defined networking. In: IEEE Trustcom/BigDataSE/ISPA, pp 310–317

  140. Sahoo KS, Tiwary M, Sahoo B (2018) Detection of high rate DDoS attack from flash events using information metrics in software defined networks. In: 10th International Conference on Communication Systems and Networks. IEEE, pp 421–424

  141. Gelenbe E, Loukas G (2007) A self-aware approach to denial of service defence. Comput Netw 51(5):1299–1314

    Article  MATH  Google Scholar 

  142. Wu Y, Tseng H, Yang W, Jan R (2011) DDoS detection and traceback with decision tree and grey relational analysis. Int J Ad Hoc Ubiquitous Comput 7(2):121–136

    Article  Google Scholar 

  143. Dotcenko S, Vladyko A, Letenko I (2014) A fuzzy logic-based information security management for software-defined networks. In: 16th International Conference on Advanced Communication Technology. IEEE, pp 167–171

  144. Kokila RT, Selvi ST, Govindarajan K (2014) DDoS detection and analysis in SDN-based environment using support vector machine classifier. In: Sixth International Conference on Advanced Computing. IEEE, pp 205–210

  145. Li J, Zhao Z, Li R (2018) Machine learning-based IDS for software-defined 5G network. IET Netw 7(2):53–60

    Article  Google Scholar 

  146. Kalkan K, Gur G, Alagoz F (2017) Defense mechanisms against DDoS attacks in SDN environment. IEEE Commun Mag 55(9):175–179

    Article  Google Scholar 

  147. Hsu S, Chen T, Chang Y, Chen S, Chao H, Lin T, Shih W (2015) Design a hash-based control mechanism in vSwitch for software-defined networking environment. In: IEEE International Conference on Cluster Computing, pp 498–499

  148. Lim S, Yang S, Kim Y, Yang S, Kim H (2015) Controller scheduling for continued SDN operation under DDoS attacks. Electron Lett 51(16):1259–1261

    Article  Google Scholar 

  149. Yan Q, Gong Q, Yu FR (2017) Effective software-defined networking controller scheduling method to mitigate DDoS attacks. IET Electron Lett 53(7):469–471

    Article  Google Scholar 

  150. Chin T, Mountrouidou X, Li X, Xiong K (2015) Selective packet inspection to detect DoS flooding using software defined networking (SDN). In: IEEE 35th International Conference on Distributed Computing Systems Workshops, pp 95–99

  151. Xing T, Huang D, Xu L, Chung C, Khatkar P (2013) SnortFlow: a OpenFlow-based intrusion prevention system in cloud environment. In: Second GENI research and educational experiment workshop, pp 89–92

  152. Chung C, Khatkar P, Xing T, Lee J, Huang D (2013) NICE: network intrusion detection and countermeasure selection in virtual network systems. IEEE Trans Dependable Secure Comput 10(4):198–211

    Article  Google Scholar 

  153. Ye J, Cheng X, Zhu J, Feng L, Song L (2018) A DDoS attack detection method based on SVM in software defined network. In: Security and communication networks, Hindawi, pp 1–8

  154. Bhandari A, Sangal AL, Kumar K (2016) Characterizing flash events and distributed denial-of-service attacks: an empirical investigation. Secur Commun Netw 9(13):2222–2239

    Google Scholar 

  155. Yu S, Thapngam T, Liu J (2009) Discriminating DDoS flows from flash crowds using information distance. In: Third International Conference on Network and System Security. IEEE, pp 351–356

  156. Behal S, Kumar K (2017) Detection of DDoS attacks and flash events using novel information theory metrics. Comput Netw 116:96–110

    Article  Google Scholar 

  157. Thapngam T, Yu S, Zhou W (2011) Discriminating DDoS attack traffic from flash crowd through packet arrival patterns. In: IEEE Conference on Computer Communications Workshops, pp 952–957

  158. Moshref M, Yu M, Govindan R (2013) Resource/accuracy tradeoffs in software-defined measurement. In: The second ACM SIGCOMM workshop on hot topics in software defined networking, pp 73–78

  159. Xiang Y, Li K, Zhou W (2013) Low-rate DDoS attacks detection and traceback by using new information metrics. IEEE Trans Inf Forensics Secur 6(2):426–437, 2011. Topics in Software Defined Networking. ACM, pp 73–78

  160. Xu D, Erdogmuns D (2010) Renyis entropy, divergence and their nonparametric estimators. In: Principe JC (ed) Information theoretic learning. Springer, Berlin, pp 47–102

  161. Keti F, Askar S (2015) Emulation of software defined networks using mininet in different simulation environments. In: 6th International Conference on Intelligent Systems, Modelling and Simulation. IEEE, pp 205–210

  162. Prete LR, Shinoda AA, Schweitzer CM, Oliveira RLSD (2014) Simulation in an SDN network scenario using the POX controller. In: IEEE Colombian Conference on Communications and Computing, pp 1–6

  163. Niyaz Q, Sun W, Javaid AY (2017) A deep learning based DDoS detection system in software-defined networking. ICST Trans Secur Saf 4(12):1–12

    Article  Google Scholar 

Download references

Acknowledgements

The first version of this paper has appeared in one of the chapters of Handbook of e-Business Security [67]. We would like to thank the anonymous reviewers for their valuable comments and future research directions, which greatly help us to extend this paper.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, National Institute of Technology Rourkela, Rourkela, 769008, India

    Kshira Sagar Sahoo, Sampa Sahoo, Bibhudatta Sahoo & Ratnakar Dash

  2. Department of Information Technology, Veer Surendra Sai University of Technology, Burla, 768018, India

    Sanjaya Kumar Panda

Authors
  1. Kshira Sagar Sahoo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sanjaya Kumar Panda
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sampa Sahoo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bibhudatta Sahoo
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Ratnakar Dash
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sanjaya Kumar Panda.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Sahoo, K.S., Panda, S.K., Sahoo, S. et al. Toward secure software-defined networks against distributed denial of service attack. J Supercomput 75, 4829–4874 (2019). https://doi.org/10.1007/s11227-019-02767-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-019-02767-z

Keywords

Search

Navigation