A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks

Shibo Luo; Jun Wu; Jianhua Li; Bei Pei

doi:10.1109/FCST.2015.11

A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks

Shibo Luo, Jun Wu, Jianhua Li, Bei Pei

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

21 Citations (Scopus)

Abstract

Distributed Denial of Service (DDoS) attack is a major threat to Internet based killer applications, such as independent news web sites, e-business and online games. Detecting and blocking such clever attacks has become difficult. Software-Defined Networks (SDN) has emerged as a future communication network architecture which decouples network control and forwarding. It has some particular features such as central control and programmability to combat against DDoS attack. In this paper, we survey DDoS attacks and existing defense mechanisms, and draw a conclusion of the needs of defense mechanism for successful combating against DDoS. Then, we analyze the particular features of SDN and conclude it is conducive to countermeasure DDoS attack. According the analysis, we construct a defense mechanism for DDoS in SDN. At last, we illustrate how this mechanism could combat against DDoS attacks through a working example.

Original language	English
Title of host publication	Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015
Editors	Xiaohua Jia, Yong Zhang, Tharam Dillion, Nei Kato, Yunquan Zhang, Kuan Ching Li, Kui Wu
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	325-329
Number of pages	5
ISBN (Electronic)	9781467392952
DOIs	https://doi.org/10.1109/FCST.2015.11
Publication status	Published - 2015 Oct 30
Externally published	Yes
Event	9th International Conference on Frontier of Computer Science and Technology, FCST 2015 - Dalian, China Duration: 2015 Aug 26 → 2015 Aug 28

Publication series

Name	Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015

Conference

Conference	9th International Conference on Frontier of Computer Science and Technology, FCST 2015
Country/Territory	China
City	Dalian
Period	15/8/26 → 15/8/28

Keywords

Central Control
Distributed Denial of Service
Programmability
Software-Defined Networks

ASJC Scopus subject areas

Computer Networks and Communications
Computer Science Applications
Control and Optimization
Modelling and Simulation

Access to Document

10.1109/FCST.2015.11

Cite this

Luo, S., Wu, J., Li, J., & Pei, B. (2015). A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks. In X. Jia, Y. Zhang, T. Dillion, N. Kato, Y. Zhang, K. C. Li, & K. Wu (Eds.), Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015 (pp. 325-329). Article 7314699 (Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/FCST.2015.11

A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks. / Luo, Shibo; Wu, Jun; Li, Jianhua et al.
Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015. ed. / Xiaohua Jia; Yong Zhang; Tharam Dillion; Nei Kato; Yunquan Zhang; Kuan Ching Li; Kui Wu. Institute of Electrical and Electronics Engineers Inc., 2015. p. 325-329 7314699 (Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Luo, S, Wu, J, Li, J & Pei, B 2015, A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks. in X Jia, Y Zhang, T Dillion, N Kato, Y Zhang, KC Li & K Wu (eds), Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015., 7314699, Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015, Institute of Electrical and Electronics Engineers Inc., pp. 325-329, 9th International Conference on Frontier of Computer Science and Technology, FCST 2015, Dalian, China, 15/8/26. https://doi.org/10.1109/FCST.2015.11

Luo S, Wu J, Li J, Pei B. A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks. In Jia X, Zhang Y, Dillion T, Kato N, Zhang Y, Li KC, Wu K, editors, Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 325-329. 7314699. (Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015). doi: 10.1109/FCST.2015.11

Luo, Shibo ; Wu, Jun ; Li, Jianhua et al. / A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks. Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015. editor / Xiaohua Jia ; Yong Zhang ; Tharam Dillion ; Nei Kato ; Yunquan Zhang ; Kuan Ching Li ; Kui Wu. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 325-329 (Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015).

@inproceedings{873b526c3f274896aaec2bfe3b701454,

title = "A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks",

abstract = "Distributed Denial of Service (DDoS) attack is a major threat to Internet based killer applications, such as independent news web sites, e-business and online games. Detecting and blocking such clever attacks has become difficult. Software-Defined Networks (SDN) has emerged as a future communication network architecture which decouples network control and forwarding. It has some particular features such as central control and programmability to combat against DDoS attack. In this paper, we survey DDoS attacks and existing defense mechanisms, and draw a conclusion of the needs of defense mechanism for successful combating against DDoS. Then, we analyze the particular features of SDN and conclude it is conducive to countermeasure DDoS attack. According the analysis, we construct a defense mechanism for DDoS in SDN. At last, we illustrate how this mechanism could combat against DDoS attacks through a working example.",

keywords = "Central Control, Distributed Denial of Service, Programmability, Software-Defined Networks",

author = "Shibo Luo and Jun Wu and Jianhua Li and Bei Pei",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 9th International Conference on Frontier of Computer Science and Technology, FCST 2015 ; Conference date: 26-08-2015 Through 28-08-2015",

year = "2015",

month = oct,

day = "30",

doi = "10.1109/FCST.2015.11",

language = "English",

series = "Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "325--329",

editor = "Xiaohua Jia and Yong Zhang and Tharam Dillion and Nei Kato and Yunquan Zhang and Li, {Kuan Ching} and Kui Wu",

booktitle = "Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015",

}

TY - GEN

T1 - A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks

AU - Luo, Shibo

AU - Wu, Jun

AU - Li, Jianhua

AU - Pei, Bei

PY - 2015/10/30

Y1 - 2015/10/30

N2 - Distributed Denial of Service (DDoS) attack is a major threat to Internet based killer applications, such as independent news web sites, e-business and online games. Detecting and blocking such clever attacks has become difficult. Software-Defined Networks (SDN) has emerged as a future communication network architecture which decouples network control and forwarding. It has some particular features such as central control and programmability to combat against DDoS attack. In this paper, we survey DDoS attacks and existing defense mechanisms, and draw a conclusion of the needs of defense mechanism for successful combating against DDoS. Then, we analyze the particular features of SDN and conclude it is conducive to countermeasure DDoS attack. According the analysis, we construct a defense mechanism for DDoS in SDN. At last, we illustrate how this mechanism could combat against DDoS attacks through a working example.

AB - Distributed Denial of Service (DDoS) attack is a major threat to Internet based killer applications, such as independent news web sites, e-business and online games. Detecting and blocking such clever attacks has become difficult. Software-Defined Networks (SDN) has emerged as a future communication network architecture which decouples network control and forwarding. It has some particular features such as central control and programmability to combat against DDoS attack. In this paper, we survey DDoS attacks and existing defense mechanisms, and draw a conclusion of the needs of defense mechanism for successful combating against DDoS. Then, we analyze the particular features of SDN and conclude it is conducive to countermeasure DDoS attack. According the analysis, we construct a defense mechanism for DDoS in SDN. At last, we illustrate how this mechanism could combat against DDoS attacks through a working example.

KW - Central Control

KW - Distributed Denial of Service

KW - Programmability

KW - Software-Defined Networks

UR - http://www.scopus.com/inward/record.url?scp=84961730142&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84961730142&partnerID=8YFLogxK

U2 - 10.1109/FCST.2015.11

DO - 10.1109/FCST.2015.11

M3 - Conference contribution

AN - SCOPUS:84961730142

T3 - Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015

SP - 325

EP - 329

BT - Proceedings - 2015 9th International Conference on Frontier of Computer Science and Technology, FCST 2015

A2 - Jia, Xiaohua

A2 - Zhang, Yong

A2 - Dillion, Tharam

A2 - Kato, Nei

A2 - Zhang, Yunquan

A2 - Li, Kuan Ching

A2 - Wu, Kui

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 9th International Conference on Frontier of Computer Science and Technology, FCST 2015

Y2 - 26 August 2015 through 28 August 2015

ER -

A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this