EarlyDrop: A Trade-off Driven DDoS Defense Mechanism for Software-defined Infrastructures

被引：2

作者：

Bauer, Robert ^{[1
]}

Heseding, Hauke ^{[1
]}

Flittner, Matthias ^{[1
]}

机构：

[1] Karlsruhe Inst Technol, Karlsruhe, Germany

来源：

2017 IEEE 42ND CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN) | 2017年

关键词：

DDoS defense; SDN; NFV; HHH; monitoring;

D O I：

10.1109/LCN.2017.71

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

While many DDoS mitigation approaches utilize the flexibility of software-defined infrastructures in a decentralized fashion, most of them assume that the infrastructure as a whole is willing and capable of mitigating all incoming packets of an attack. Those approaches cannot be used out of the box, if the attack overburdens the infrastructure or the monetary budget for mitigation is limited. Therefore we present EarlyDrop, a trade-off driven DDoS defense mechanism based on transparent blackbox monitoring. With EarlyDrop, operators can choose to drop undifferentiated traffic before it is forwarded to the mitigation system in order to reduce the load onto the infrastructure - a trade-off between mitigation cost (resources, money) and return of mitigation.

引用

页码：207 / 210

页数：4

共 50 条

[21] Securing Software-Defined Vehicular Network Architecture against DDoS attack
Amari, Houda
Louati, Wassef
Khoukhi, Lyes
Belguith, Lamia Hadrich
PROCEEDINGS OF THE IEEE 46TH CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN 2021), 2021, : 653 - 656
[22] Citadel: Cyber threat intelligence assisted defense system for software-defined networks
Yurekten, Ozgur
Demirci, Mehmet
COMPUTER NETWORKS, 2021, 191
[23] DDoS Attack Detection Method Based on Improved KNN With the Degree of DDoS Attack in Software-Defined Networks
Dong, Shi
Sarem, Mudar
IEEE ACCESS, 2020, 8 : 5039 - 5048
[24] Bandwidth Control Mechanism and Extreme Gradient Boosting Algorithm for Protecting Software-Defined Networks Against DDoS Attacks
Alamri, Hassan A.
Thayananthan, Vijey
IEEE ACCESS, 2020, 8 : 194269 - 194288
[25] End-host Driven Troubleshooting Architecture for Software-Defined Networking
Csikor, Levente
Pezaros, Dimitrios P.
GLOBECOM 2017 - 2017 IEEE GLOBAL COMMUNICATIONS CONFERENCE, 2017,
[26] Defense Against Software-Defined Network Topology Poisoning Attacks
Gao, Yang
Xu, Mingdi
TSINGHUA SCIENCE AND TECHNOLOGY, 2023, 28 (01): : 39 - 46
[27] Detection and Mitigation of DDoS Attacks Using Conditional Entropy in Software-defined Networking
Xuanyuan, Ming
Ramsurrun, Visham
Seeam, Amar
2019 11TH INTERNATIONAL CONFERENCE ON ADVANCED COMPUTING (ICOAC 2019), 2019, : 66 - 71
[28] Software-Defined Network Design driven by Availability Requirements
Santos, Dorabella
Gomes, Teresa
Tipper, David
2020 16TH INTERNATIONAL CONFERENCE ON THE DESIGN OF RELIABLE COMMUNICATION NETWORKS DRCN 2020, 2020,
[29] Detection and Analysis of TCP-SYN DDoS Attack in Software-Defined Networking
Swami, Rochak
Dave, Mayank
Ranga, Virender
WIRELESS PERSONAL COMMUNICATIONS, 2021, 118 (04) : 2295 - 2317
[30] Detection and Analysis of TCP-SYN DDoS Attack in Software-Defined Networking
Rochak Swami
Mayank Dave
Virender Ranga
Wireless Personal Communications, 2021, 118 : 2295 - 2317

← 1 2 3 4 5 →