Rochak Swami scite author profile

Distributed Denial of Service attack (DDoS) is recognized to be one of the most catastrophic attacks against various digital communication entities. Software-defined networking (SDN) is an emerging technology for computer networks that uses open protocols for controlling switches and routers placed at the network edges by using specialized open programmable interfaces. In this article, a detailed study on DDoS threats prevalent in SDN is presented. First, SDN features are examined from the perspective of security, and then a discussion on SDN security features is done. Further, two viewpoints on protecting networks against DDoS attacks are presented. In the first view, SDN utilizes its abilities to secure conventional networks. In the second view, SDN may become a victim of the threat itself because of the centralized control mechanism. The main focus of this research work is on discovering critical security implications in SDN while reviewing the current ongoing research studies. By emphasizing the available state-of-the-art techniques, an extensive review of the advancement of SDN security is provided to the research and IT communities.

show abstract

Software-defined Networking Based DDoS Defense Mechanisms

Swami¹,

Dave²,

Ranga³

2020

Preprint

View full text Add to dashboard Cite

Distributed Denial of Service attack (DDoS) is recognized to be one of the catastrophic attacks against various digital communication entities. Software-defined networking (SDN) is an emerging technology for computer networks that uses open protocols for controlling switches and routers placed at the network edges by using specialized open programmable interfaces. In this paper, a detailed study on DDoS threats prevalent in SDN is presented. Firstly, SDN features are examined from the perspective of security, and then, a discussion on assessment of SDN security features is done. Further, two viewpoints towards protecting the networks against DDoS attacks are elaborated. In the first view, SDN utilizes its abilities to secure the conventional networks. In the second view, SDN may become a victim of the threats itself because of the centralized control mechanism. The main focus of this research work is towards discovering critical security implications in SDN while reviewing the current ongoing research studies. By emphasizing the available state of the art techniques, an extensive review towards the advancement of the SDN security is provided to the researchers and IT communities.

show abstract

Defending DDoS against Software Defined Networks using Entropy

Swami

Dave

Ranga

2019

View full text Add to dashboard Cite

IQR-based approach for DDoS detection and mitigation in SDN

2023

View full text Add to dashboard Cite

Voting‐based intrusion detection framework for securing software‐defined networks

Swami

Dave

Ranga

2020

Concurrency and Computation

View full text Add to dashboard Cite

Software-defined networking (SDN) is an emerging paradigm in enterprise networks because of its flexible and cost-effective nature. By decoupling control and data plane, SDN can provide various defense solutions for securing futuristic networks. However, the architectural design and characteristics of SDN attract several severe attacks. Distributed denial of service (DDoS) is considered as a major destructive cyber attack that makes the services of controller unavailable for its legitimate users. In this research article, an intrusion detection framework is proposed to detect DDoS attacks against SDN. The proposed framework relies on voting-based ensemble model for the attack detection. Ensemble model is a combination of multiple machine learning classifiers for prediction of final results. In this research article, we propose and analyze three ensemble models named as Voting-CMN, Voting-RKM, and Voting-CKM particularly to benchmarking datasets such as UNSW-NB15, CICIDS2017, and NSL-KDD, respectively. For validation of the proposed models, a cross-validation technique is used with the prediction algorithms. The effectiveness of proposed models is evaluated in terms of prominent metrics (accuracy, precision, recall, and F-measure). Experimental results indicate that the proposed models achieve better performance in terms of accuracy as compared with other existing models.

show abstract

Detection and Analysis of TCP-SYN DDoS Attack in Software-Defined Networking

Swami

Dave

Ranga

2021

Wireless Pers Commun

View full text Add to dashboard Cite

Voting based Intrusion Detection Framework for Securing Software-Defined Networks

Swami¹,

Dave²,

Ranga³

2020

Preprint

View full text Add to dashboard Cite

<div>Software-defined networking (SDN) is an emerging paradigm in enterprise networks because of its flexible and cost-effective nature. By decoupling control and data plane, SDN can provide various defense solutions for securing futuristic networks. However, the architectural design and characteristics of SDN attract several severe attacks. Distributed Denial of Service (DDoS) is considered as a major destructive cyber attack that makes the services of controller unavailable for its legitimate users. In this research paper, an intrusion detection framework is proposed to detect DDoS attacks against SDN. The proposed framework relies on voting based ensemble model for the attack detection. Ensemble model is a combination of multiple machine learning classifiers for prediction of final results. In this research paper, we propose and analyze three ensemble models named as Voting-CMN, Voting-RKM, and Voting-CKM particularly to benchmarking datasets like UNSW-NB15, CICIDS2017, and NSL-KDD, respectively. For validation of the proposed models, a cross validation technique is used with the prediction algorithms. The effectiveness of proposed models is evaluated in terms of prominent metrics (accuracy, precision, recall, and F measure). Experimental results indicate that the proposed</div><div>models achieve better performance in terms of accuracy as compared to other existing models.</div>

show abstract

DDoS Attacks and Defense Mechanisms Using Machine Learning Techniques for SDN

Swami

Dave

Ranga

2020

View full text Add to dashboard Cite

Distributed denial of service (DDoS) attack is one of the most disastrous attacks that compromises the resources and services of the server. DDoS attack makes the services unavailable for its legitimate users by flooding the network with illegitimate traffic. Most commonly, it targets the bandwidth and resources of the server. This chapter discusses various types of DDoS attacks with their behavior. It describes the state-of-the-art of DDoS attacks. An emerging technology named “Software-defined networking” (SDN) has been developed for new generation networks. It has become a trending way of networking. Due to the centralized networking technology, SDN suffers from DDoS attacks. SDN controller manages the functionality of the complete network. Therefore, it is the most vulnerable target of the attackers to be attacked. This work illustrates how DDoS attacks affect the whole working of SDN. The objective of this chapter is also to provide a better understanding of DDoS attacks and how machine learning approaches may be used for detecting DDoS attacks.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Rochak Swami

Software-defined Networking-based DDoS Defense Mechanisms

Software-defined Networking Based DDoS Defense Mechanisms

Defending DDoS against Software Defined Networks using Entropy

IQR-based approach for DDoS detection and mitigation in SDN

Voting‐based intrusion detection framework for securing software‐defined networks

Detection and Analysis of TCP-SYN DDoS Attack in Software-Defined Networking

Voting based Intrusion Detection Framework for Securing Software-Defined Networks

DDoS Attacks and Defense Mechanisms Using Machine Learning Techniques for SDN

Contact Info

Product

Resources

About