EarlyDrop: A Trade-off Driven DDoS Defense Mechanism for Software-defined Infrastructures

被引：2

作者：

Bauer, Robert ^{[1
]}

Heseding, Hauke ^{[1
]}

Flittner, Matthias ^{[1
]}

机构：

[1] Karlsruhe Inst Technol, Karlsruhe, Germany

来源：

2017 IEEE 42ND CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN) | 2017年

关键词：

DDoS defense; SDN; NFV; HHH; monitoring;

D O I：

10.1109/LCN.2017.71

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

While many DDoS mitigation approaches utilize the flexibility of software-defined infrastructures in a decentralized fashion, most of them assume that the infrastructure as a whole is willing and capable of mitigating all incoming packets of an attack. Those approaches cannot be used out of the box, if the attack overburdens the infrastructure or the monetary budget for mitigation is limited. Therefore we present EarlyDrop, a trade-off driven DDoS defense mechanism based on transparent blackbox monitoring. With EarlyDrop, operators can choose to drop undifferentiated traffic before it is forwarded to the mitigation system in order to reduce the load onto the infrastructure - a trade-off between mitigation cost (resources, money) and return of mitigation.

引用

页码：207 / 210

页数：4

共 50 条

[41] Securing Software-Defined Networks Through Adaptive Moving Target Defense Capabilities
Silva, Felipe Dantas S.
Neto, Emidio P.
Nunes, Rodrigo S. S.
Souza, Cristian H. M.
Neto, Augusto J. V.
Pascoal, Tulio
JOURNAL OF NETWORK AND SYSTEMS MANAGEMENT, 2023, 31 (03)
[42] Vulnerability retrospection of security solutions for software-defined Cyber-Physical System against DDoS and IoT-DDoS attacks
Snehi, Manish
Bhandari, Abhinav
COMPUTER SCIENCE REVIEW, 2021, 40
[43] Deep Learning Models Comparison in binary context for DDoS Attack Detection in Software-Defined Network
Zaidoun, Ameur Salem
Lachiri, Zied
2024 IEEE 7TH INTERNATIONAL CONFERENCE ON ADVANCED TECHNOLOGIES, SIGNAL AND IMAGE PROCESSING, ATSIP 2024, 2024, : 105 - 109
[44] Self-healing topology for DDoS attack identification & discovery protocol in software-defined networks
Sharma, Gajanand
Sharma, Himanshu
Pareek, Rajneesh
Gour, Nidhi
Sharma, Ravi Shanker
Kumar, Ashutosh
JOURNAL OF DISCRETE MATHEMATICAL SCIENCES & CRYPTOGRAPHY, 2021, 24 (08) : 2221 - 2232
[45] MIND: Message Classification Based Controller Scheduling Method for Resisting DDoS Attack in Software-Defined Networking
Cui, Yunhe
Qian, Qing
2020 5TH INTERNATIONAL CONFERENCE ON COMPUTER AND COMMUNICATION SYSTEMS (ICCCS 2020), 2020, : 486 - 490
[46] A QoS-guaranteed intelligent routing mechanism in software-defined networks
Sun, Weifeng
Wang, Zun
Zhang, Guanghao
COMPUTER NETWORKS, 2021, 185
[47] Detecting DDoS Attacks in Software-Defined Networks Through Feature Selection Methods and Machine Learning Models
Polat, Huseyin
Polat, Onur
Cetin, Aydin
SUSTAINABILITY, 2020, 12 (03)
[48] A QoS-guaranteed intelligent routing mechanism in software-defined networks
Sun, Weifeng
Wang, Zun
Zhang, Guanghao
COMPUTER NETWORKS, 2021, 185
[49] Information theory-based approaches to detect DDoS attacks on software-defined networking controller a review
Aladaileh, Mohammad A.
Anbar, Mohammed
Hasbullah, Iznan H.
Sanjalawe, Yousef K.
INTERNATIONAL JOURNAL OF EDUCATION AND INFORMATION TECHNOLOGIES, 2021, 15 : 83 - 94
[50] Machine Learning Approach Equipped with Neighbourhood Component Analysis for DDoS Attack Detection in Software-Defined Networking
Tonkal, Ozgur
Polat, Huseyin
Basaran, Erdal
Comert, Zafer
Kocaoglu, Ramazan
ELECTRONICS, 2021, 10 (11)

← 1 2 3 4 5 →