NFV-GUARD: Mitigating Flow Table-Overflow Attacks in SDN Using NFV

Soylu, Mustafa; Guillen, Luis; Izumi, Satoru; Abe, Toru; Suganuma, Takuo

doi:10.1109/netsoft51509.2021.9492584

Cited by 6 publications

(1 citation statement)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A large number of controlled endpoints consume the bandwidth and computational resources of the target resources by launching flooded application requests to the designated victims, forcing the target servers to stop normal application services [ 13 ]. In addition to this, researchers have also identified new DDoS attack techniques for SDN itself, such as packet_in flooding attacks against controllers [ 14 ], CrossPath attacks against southbound channels [ 15 ], and flow table overflow attacks against switches [ 16 ], etc. Both traditional DDoS attacks and new DDoS attacks targeting SDN architecture will seriously affect the performance of SDN.…”

Section: Introductionmentioning

confidence: 99%

SDN-Defend: A Lightweight Online Attack Detection and Mitigation System for DDoS Attacks in SDN

Wang

2022

Sensors

View full text Add to dashboard Cite

With the development of Software Defined Networking (SDN), its security is becoming increasingly important. Since SDN has the characteristics of centralized management and programmable, attackers can easily take advantage of the security vulnerabilities of SDN to carry out distributed denial of service (DDoS) attacks, which will cause the memory of controllers and switches to be occupied, network bandwidth and server resources to be exhausted, affecting the use of normal users. To solve this problem, this paper designs and implements an online attack detection and mitigation SDN defense system. The SDN defense system consists of two modules: anomaly detection module and mitigation module. The anomaly detection model uses a lightweight hybrid deep learning method—Convolutional Neural Network and Extreme Learning Machine (CNN-ELM) for anomaly detection of traffic. The mitigation model uses IP traceback to locate the attacker and effectively filters out abnormal traffic by sending flow rule commands from the controller. Finally, we evaluate the SDN defense system. The experimental results show that the SDN defense system can accurately identify and effectively mitigate DDoS attack flows in real-time.

show abstract

Section: Introductionmentioning

confidence: 99%