Abstract
In traditional networks, DDoS attacks are usually launched at the network layer or the transport layer. Researchers have explored this problem in depth and put forward plenty of solutions. However, these solutions are only suitable for scenarios such as a single link or the victim-side network and cannot analyse traffic distribution from the perspective of the global network. Also, the TCP/IP network architecture lacks the ability to quickly carry out resource deployment and traffic scheduling, so when DDoS attacks occur, victims usually cannot respond in time. With the advantages of a centralized control mode and a global topological view, Software-Defined Networking (SDN) provides a new way to overcome the above issues. In this paper, we combine diverse technologies to design SDNDefender, an SDN-based DDoS detection and defense mechanism composed of two core components that aim to counter the most popular DDoS attacks, including IP spoofing attacks and TCP SYN flood attacks. We carry out quantitative simulation experiments to evaluate SDNDefender on many metrics. The experimental results show that, in contrast to other DDoS defense algorithms, SDNDefender not only efficiently validates spoofed packets and withstands well-known attacks but also defends against unknown attacks according to the target's available resources. Besides, SDNDefender significantly reduces TCP half-open connections and improves detection accuracy, alleviating the effects of attacks that exhaust the server's resources and network bandwidth.
Highlights
With the rapid growth of networking technologies, current network systems and data centers are becoming more and more complex and data-intensive.
We can see that SDNDefender keeps its APPF values much lower than those in the other three situations. The main cause of this phenomenon is that a normal Software-Defined Networking (SDN) deployment does not provide any defense measure against IP spoofing, so that a massive number of attack packets can be forwarded directly to the server without further validation by the controller.
SDNDefender strikingly eliminates attack entries because it performs route-based validation on each flow before forwarding it; IP spoofing and ARP spoofing can thus be blocked in advance, so that the controller can dedicate itself to matching normal packets.
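The route-based validation described in the highlight above, as an added example that is not code from the paper: before installing a flow, a controller checks that the packet's source IP and MAC are really attached at the switch and port where the packet entered the network. The topology table, the `PacketIn` shape and the sample packets are constructed assumptions for this illustration.

```python
from dataclasses import dataclass

# Constructed topology (an assumption for this example): the controller's view
# of which switch (dpid) and port each host's IP and MAC are attached to.
HOST_LOCATION = {
    "10.0.0.1": {"mac": "00:00:00:00:00:01", "dpid": 1, "port": 1},
    "10.0.0.2": {"mac": "00:00:00:00:00:02", "dpid": 1, "port": 2},
    "10.0.0.3": {"mac": "00:00:00:00:00:03", "dpid": 2, "port": 1},
}

@dataclass(frozen=True)
class PacketIn:
    """First packet of a new flow as the controller sees it (hypothetical shape)."""
    dpid: int
    in_port: int
    src_mac: str
    src_ip: str
    dst_ip: str

def validate_route(pkt, topology=HOST_LOCATION):
    """Route-based validation of one new flow.
    Returns (True, reason) if a flow entry may be installed, (False, reason) to drop."""
    loc = topology.get(pkt.src_ip)
    if loc is None:
        return False, "unknown source address"
    if (loc["dpid"], loc["port"]) != (pkt.dpid, pkt.in_port):
        return False, "ip-spoofing: source is not attached at this switch/port"
    if loc["mac"] != pkt.src_mac:
        return False, "arp-spoofing: MAC does not match the address binding"
    return True, "ok"

def filter_flows(packets, topology=HOST_LOCATION):
    """Validate a batch of new flows; return (forwarded, dropped) packet lists."""
    forwarded, dropped = [], []
    for pkt in packets:
        ok, _ = validate_route(pkt, topology)
        (forwarded if ok else dropped).append(pkt)
    return forwarded, dropped

# Constructed sample: two legitimate flows and three that fail validation.
SAMPLE = [
    PacketIn(1, 1, "00:00:00:00:00:01", "10.0.0.1", "10.0.0.3"),
    PacketIn(1, 2, "00:00:00:00:00:02", "10.0.0.2", "10.0.0.3"),
    PacketIn(2, 1, "00:00:00:00:00:03", "10.0.0.1", "10.0.0.3"),  # spoofed IP
    PacketIn(2, 1, "00:00:00:00:00:01", "10.0.0.3", "10.0.0.1"),  # spoofed MAC
    PacketIn(2, 1, "00:00:00:00:00:03", "192.0.2.9", "10.0.0.1"),  # unknown source
]

if __name__ == "__main__":
    fwd, drp = filter_flows(SAMPLE)
    print(f"forwarded={len(fwd)} dropped={len(drp)}")
    for pkt in drp:
        print("drop", pkt.src_ip, validate_route(pkt)[1])
```

Only the two flows whose ingress point matches the learned attachment reach the server; the spoofed ones never consume a flow-table entry or controller matching time.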
Summary
With the rapid growth of networking technologies, current network systems and data centers are becoming more and more complex and data-intensive. DDoS is a large-scale and distributed network attack that launches illegal requests at targeted hosts to exhaust their bandwidth and service resources. The fundamental cause of a DDoS attack is that, in the TCP/IP protocol stack, connection requests from any proxy program can be sent to the targeted server without identity authentication, so attackers can configure proxy servers to attack victims. Reference [1] presents a detection method based on the Pearson correlation coefficient to discriminate anomalous traffic from normal traffic. Compared to the single-source method of DoS attacks, DDoS is a large-scale and distributed network attack that is more detrimental to Internet services. It utilizes multitudinous controlled nodes to launch DoS attacks on targets and brings victims to a breakdown by exhausting their network bandwidth and system resources. Each master controls a range of zombies; on receiving attack commands from the attacker, the master forwards these commands to its zombies and informs them of the targets to attack.