DoSGuard: Mitigating Denial-of-Service Attacks in Software-Defined Networks

Li, Jishuai; Tu, Tengfei; Li, Yongsheng; Qin, Su‐Juan; Shi, Yuanming; Wen, Qiaoyan

doi:10.3390/s22031061

Cited by 16 publications

(6 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The researchers simulated these attacks on Mininet and explored their impacts, noting that both the timeout duration of a flow rule and the bandwidth of the control plane significantly influence switch performance. Yet another paper [12] showcases DoS-Guard, a comprehensive and protocol-agnostic safeguard for SDN networks, designed to identify and alleviate such threats. Essentially, DoS-Guard is a streamlined add-on for SDN controllers, comprising three primary elements: a monitor, a detector, and a mitigator.…”

Section: Issn: 2302-9285 mentioning

confidence: 99%

Detection and mitigation of DDoS attacks in SDN based intrusion detection system

Chouikik,

Ouaissa,

Ouaissa

et al. 2024

Bulletin EEI

View full text Add to dashboard Cite

Software defined networks (SDN) have completely revolutionized the management and operation of networks. This novel technology entails a distinctive approach to management. Amidst the advancements, a notable security concern arises in the form of distributed denial of service (DDoS) attacks. To counteract this attack, the deployment of intrusion detection systems (IDS) assumes paramount importance. IDS plays a critical role in monitoring network traffic, promptly detecting irregularities that may signify a potential denial of service (DoS) assault. This study delves into a comprehensive exploration of a DDoS attack on an SDN network using the OpenDaylight controller and the Mininet emulator. Furthermore, the assessment extends to evaluating the DDoS attack's repercussions and the effectiveness of IDS in mitigating such risks. Various performance metrics, including throughput according to delay time, are monitored to gauge network performance under duress. The difference in throughput curves when comparing scenarios with and without IDS highlights the significant impact of intrusion detection. When the IDS was absent, there was a noticeable increase in oscillations, indicating greater network susceptibility. On the other hand, the presence of an IDS created a more regulated environment, reducing variances and promoting a more stable network.

show abstract

Section: Issn: 2302-9285 mentioning

confidence: 99%

Detection and mitigation of DDoS attacks in SDN based intrusion detection system

Chouikik,

Ouaissa,

Ouaissa

et al. 2024

Bulletin EEI

View full text Add to dashboard Cite

show abstract

“…In [24], the authors propose a defense framework called DoSGuard to detect and mitigate denial-of-service (DoS) attacks in SDN networks. The framework was implemented as an extension module for the SDN controllers.…”

Section: Packet Injection Attacks On Sdnmentioning

confidence: 99%

Defending Sdn Against Packet Injection Attacks Using Deep Learning

Phu

Ullah

et al. 2023

Preprint

View full text Add to dashboard Cite

“…However, the defined threshold value of the mechanisms based on entropy broadly depends on the security researchers’ experience. DoSGuard uses a support vector machine (SVM) as the classifier to detect and filter DoS attacks and protects networks [ 11 ]. A deep learning approach based on Gated Recurrent Unit (GRU) was introduced to handle DDoS attacks in SDN [ 12 ].…”

Section: Related Workmentioning

confidence: 99%

DoSDefender: A Kernel-Mode TCP DoS Prevention in Software-Defined Networking

Wang,

Zhao,

Zhi

et al. 2023

Sensors

View full text Add to dashboard Cite

The limited computation resource of the centralized controller and communication bandwidth between the control and data planes become the bottleneck in forwarding the packets in Software-Defined Networking (SDN). Denial of Service (DoS) attacks based on Transmission Control Protocol (TCP) can exhaust the resources of the control plane and overload the infrastructure of SDN networks. To mitigate TCP DoS attacks, DoSDefender is proposed as an efficient kernel-mode TCP DoS prevention framework in the data plane for SDN. It can prevent TCP DoS attacks from entering SDN by verifying the validity of the attempts to establish a TCP connection from the source, migrating the connection, and relaying the packets between the source and the destination in kernel space. DoSDefender conforms to the de facto standard SDN protocol, the OpenFlow policy, which requires no additional devices and no modifications in the control plane. Experimental results show that DoSDefender can effectively prevent TCP DoS attacks in low computing consumption while maintaining low connection delay and high packet forwarding throughput.

show abstract

DoSGuard: Mitigating Denial-of-Service Attacks in Software-Defined Networks

Cited by 16 publications

References 28 publications

Detection and mitigation of DDoS attacks in SDN based intrusion detection system

Detection and mitigation of DDoS attacks in SDN based intrusion detection system

Defending Sdn Against Packet Injection Attacks Using Deep Learning

DoSDefender: A Kernel-Mode TCP DoS Prevention in Software-Defined Networking

Contact Info

Product

Resources

About