Guangming Tang scite author profile

Guangming Tang

2Publications

41Citation Statements Received

22Citation Statements Given

How they've been cited

How they cite others

Affiliations

Publications

Order By: Most citations

SGS: Safe-Guard Scheme for Protecting Control Plane Against DDoS Attacks in Software-Defined Networking

Wang¹,

Tang³

et al. 2019

IEEE Access

View full text Add to dashboard Cite

Software-defined networking (SDN) achieves flexible and efficient network management by decoupling control plane from the data plane, where the controller with a global network view is responsible for planning routing for packets. However, the centralized design makes the controller become a potential bottleneck, and adversaries can exploit this vulnerability to launch distributed denial-of-service (DDoS) attacks to the controller. Existing solutions are fundamentally based forged traffic analysis, increasing computational cost and being prone to produce false positives. This paper proposes a safeguard scheme (SGS) for protecting control plane against DDoS attacks, and the main characteristic of SGS is deploying multicontroller in control plane through the controller's clustering. SGS procedures are organized in two modules: anomaly traffic detection and controller dynamic defense. Anomaly traffic detection focuses on switches in data plane to distinguish forged flows from legitimate ones by innovatively adopting four-tuple feature vector. Controller dynamic defense mitigates DDoS attacks' effects on control plane by remapping controller and sending the access control message to switches. The simulation results demonstrate the efficiency of our proposed SGS with real-time DDoS attack defense and high detection accuracy, as well as high-efficiency network resource utilization. INDEX TERMS Software-defined networking, multi-controller, DDoS, network security, anomaly traffic detection.

show abstract

A Network Vulnerability Assessment Method Based on Attack Graph

Wang¹,

Wang²,

Tang³

et al. 2018

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Guangming Tang

SGS: Safe-Guard Scheme for Protecting Control Plane Against DDoS Attacks in Software-Defined Networking

A Network Vulnerability Assessment Method Based on Attack Graph

Contact Info

Product

Resources

About