Abstract
In this paper, we investigate the applicability of Software-Defined Networking (SDN), and specifically the use of the OpenFlow protocol as a means to enhance the legacy Remote Triggered Black-Hole (RTBH) routing approach, towards Distributed Denial of Service (DDoS) attack mitigation. More specifically, we exploit the network programmability of OpenFlow to match and handle traffic on a per-flow level, in order to preserve normal operation of the victim, while pushing the mitigation process upstream towards the edge of the network. To this end, we implemented and evaluated a sketch-based anomaly detection and identification mechanism, capable of pinpointing the victim and remotely triggering the mitigation of the offending network traffic. The evaluation is based on the combination of datasets containing real DDoS attacks and normal background traffic from an operational university campus network. Our results demonstrated that the proposed approach succeeds in identifying the victim of the attack and efficiently filtering the malicious sources.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
