Abstract
DDoS attacks have caused very serious damage to enterprise networks. Recently, a new kind of DDoS attack called link-flooding attack (LFA), has surfaced and is already being used by attackers to flood and congest network critical links. LFA is very difficult to detect since adversaries often utilize large-scale legitimate low-speed flows and rolls target links to isolate target areas for launching attacks. To address such a critical security problem, we design and implement a novel LFA defense system called LFADefender that leverages some key features, such as programmability, network-wide view, and flow traceability, of an emerging network technology, Software-Defined Networking (SDN), to effectively detect and migrate LFA. In LFADefender, we propose a LFA target link selection approach and design a LFA congestion monitoring mechanism to effectively detect LFA. In addition, we present a multiple optional paths rerouting method to temporarily mitigate links congestion caused by LFA. We further propose a malicious traffic blocking approach to radically mitigate LFA. Our evaluation results show that LFADefender can accurately detect and rapidly mitigate LFA, but only imposes minimal overhead in the communication channels between network controllers and data planes.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IEEE Transactions on Dependable and Secure Computing
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
