EarlyDrop: A Trade-off Driven DDoS Defense Mechanism for Software-defined Infrastructures

被引:2
|
作者
Bauer, Robert [1 ]
Heseding, Hauke [1 ]
Flittner, Matthias [1 ]
机构
[1] Karlsruhe Inst Technol, Karlsruhe, Germany
来源
2017 IEEE 42ND CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN) | 2017年
关键词
DDoS defense; SDN; NFV; HHH; monitoring;
D O I
10.1109/LCN.2017.71
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
While many DDoS mitigation approaches utilize the flexibility of software-defined infrastructures in a decentralized fashion, most of them assume that the infrastructure as a whole is willing and capable of mitigating all incoming packets of an attack. Those approaches cannot be used out of the box, if the attack overburdens the infrastructure or the monetary budget for mitigation is limited. Therefore we present EarlyDrop, a trade-off driven DDoS defense mechanism based on transparent blackbox monitoring. With EarlyDrop, operators can choose to drop undifferentiated traffic before it is forwarded to the mitigation system in order to reduce the load onto the infrastructure - a trade-off between mitigation cost (resources, money) and return of mitigation.
引用
收藏
页码:207 / 210
页数:4
相关论文
共 50 条
  • [31] Ensemble Deep Learning Models for Mitigating DDoS Attack in Software-Defined Network
    Alanazi, Fatmah
    Jambi, Kamal
    Eassa, Fathy
    Khemakhem, Maher
    Basuhail, Abdullah
    Alsubhi, Khalid
    INTELLIGENT AUTOMATION AND SOFT COMPUTING, 2022, 33 (02) : 923 - 938
  • [32] Review on Detection Techniques against DDoS Attacks on a Software-Defined Networking Controller
    Zubaydi, Haider Dhia
    Anbar, Mohammed
    Wey, Chong Yung
    2017 PALESTINIAN INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY (PICICT), 2017, : 10 - 16
  • [33] Emerging DDoS attack detection and mitigation strategies in software-defined networks: Taxonomy, challenges and future directions
    Valdovinos, Ismael Amezcua
    Perez-Diaz, Jesus Arturo
    Choo, Kim-Kwang Raymond
    Botero, Juan Felipe
    JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2021, 187
  • [34] Deep Reinforcement Learning based Smart Mitigation of DDoS Flooding in Software-Defined Networks
    Liu, Yandong
    Dong, Mianxiong
    Otat, Kaoru
    Li, Jianhua
    Wu, Jun
    2018 IEEE 23RD INTERNATIONAL WORKSHOP ON COMPUTER AIDED MODELING AND DESIGN OF COMMUNICATION LINKS AND NETWORKS (CAMAD), 2018, : 80 - 85
  • [35] Real-Time DDoS Detection and Alleviation in Software-Defined In-Vehicle Networks
    Huang, Teng-Chia
    Huang, Chin-Ya
    Chen, Yu-Chi
    IEEE SENSORS LETTERS, 2022, 6 (09)
  • [36] Investigation of application layer DDoS attacks in legacy and software-defined networks: A comprehensive review
    Kaur, Sarabjeet
    Sandhu, Amanpreet Kaur
    Bhandari, Abhinav
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2023, 22 (06) : 1949 - 1988
  • [37] Proactive multipath routing with a predictive mechanism in software-defined networks
    Lin, Ying-Dar
    Liu, Te-Lung
    Wang, Shun-Hsien
    Lai, Yuan-Cheng
    INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2019, 32 (14)
  • [38] A Study of Improving Traffic Distribution Mechanism in Software-Defined Networking
    Srisamarn, Ukrist
    Pradittasnee, Lapas
    PROCEEDINGS OF TENCON 2018 - 2018 IEEE REGION 10 CONFERENCE, 2018, : 0942 - 0947
  • [39] Software-defined ICN based efficient English translation mechanism
    Zhao, Ying
    INTERNET TECHNOLOGY LETTERS, 2022, 5 (05)
  • [40] A Survey of Low Rate DDoS Detection Techniques Based on Machine Learning in Software-Defined Networks
    Alashhab, Abdussalam Ahmed
    Zahid, Mohd Soperi Mohd
    Azim, Mohamed A.
    Daha, Muhammad Yunis
    Isyaku, Babangida
    Ali, Shimhaz
    SYMMETRY-BASEL, 2022, 14 (08):
12345