EarlyDrop: A Trade-off Driven DDoS Defense Mechanism for Software-defined Infrastructures

被引：2

作者：

Bauer, Robert ^{[1
]}

Heseding, Hauke ^{[1
]}

Flittner, Matthias ^{[1
]}

机构：

[1] Karlsruhe Inst Technol, Karlsruhe, Germany

来源：

2017 IEEE 42ND CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN) | 2017年

关键词：

DDoS defense; SDN; NFV; HHH; monitoring;

D O I：

10.1109/LCN.2017.71

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

While many DDoS mitigation approaches utilize the flexibility of software-defined infrastructures in a decentralized fashion, most of them assume that the infrastructure as a whole is willing and capable of mitigating all incoming packets of an attack. Those approaches cannot be used out of the box, if the attack overburdens the infrastructure or the monetary budget for mitigation is limited. Therefore we present EarlyDrop, a trade-off driven DDoS defense mechanism based on transparent blackbox monitoring. With EarlyDrop, operators can choose to drop undifferentiated traffic before it is forwarded to the mitigation system in order to reduce the load onto the infrastructure - a trade-off between mitigation cost (resources, money) and return of mitigation.

引用

页码：207 / 210

页数：4

共 50 条

[1] Software-defined Networking-based DDoS Defense Mechanisms
Swami, Rochak
Dave, Mayank
Ranga, Virender
ACM COMPUTING SURVEYS, 2019, 52 (02)
[2] DDoS Defense Mechanism Based on Software Defined Network
Wang, Qian
Zhao, Zhifeng
Zhang, Honggang
2017 IEEE 9TH INTERNATIONAL CONFERENCE ON COMMUNICATION SOFTWARE AND NETWORKS (ICCSN), 2017, : 1122 - 1127
[3] Software-Defined Edge Defense Against IoT-Based DDoS
Ozcelik, Mert
Chalabianloo, Niaz
Gur, Gurkan
2017 IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY (CIT), 2017, : 308 - 313
[4] Detecting DDoS based on attention mechanism for Software-Defined Networks
Yoon, Namkyung
Kim, Hwangnam
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2024, 230
[5] A comprehensive survey on DDoS detection, mitigation, and defense strategies in software-defined networks
Jain, Ankit Kumar
Shukla, Hariom
Goel, Diksha
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2024, 27 (09): : 13129 - 13164
[6] An Entropy-Based Distributed DDoS Detection Mechanism in Software-Defined Networking
Wang, Rui
Jia, Zhiping
Ju, Lei
2015 IEEE TRUSTCOM/BIGDATASE/ISPA, VOL 1, 2015, : 310 - 317
[7] RyuGuard-Combining Ryu and machine learning for proactive DDoS defense in software-defined networks
Vadivu, D. Sendil
Rajagopalan, Narendran
CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2024, 36 (28)
[8] Addressing Spoofed DDoS Attacks in Software-defined Networking
Swami, Rochak
Dave, Mayank
Ranga, Virender
2021 6TH INTERNATIONAL CONFERENCE FOR CONVERGENCE IN TECHNOLOGY (I2CT), 2021,
[9] Software-Defined Anti-DDoS - Is It the Next Step?
Wytrebowicz, Jacek
PHOTONICS APPLICATIONS IN ASTRONOMY, COMMUNICATIONS, INDUSTRY, AND HIGH-ENERGY PHYSICS EXPERIMENTS 2018, 2018, 10808
[10] Overview of DDoS Attack Detection in Software-Defined Networks
Wang, Heyu
Li, Yixuan
IEEE ACCESS, 2024, 12 : 38351 - 38381

← 1 2 3 4 5 →