On-the-fly (D)DoS attack mitigation in SDN using Deep Neural Network-based rate limiting

Kamel, Ali El; Eltaief, Hamdi; Youssef, Habib

doi:10.1016/j.comcom.2021.11.003

Cited by 17 publications

(4 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The proposed solution in [33] uses deep learning and real-time evaluation of trustworthiness measures to prevent misbehaving nodes from causing disruptions in the network. In contrast, our proposed solution uses a threshold bit rate at every port of the switch to detect and prevent DoS and packet-injection attacks.…”

Section: Deep Learning Methods For Protecting Sdnmentioning

confidence: 99%

Defending Sdn Against Packet Injection Attacks Using Deep Learning

Phu

Ullah

et al. 2023

Preprint

View full text Add to dashboard Cite

Section: Deep Learning Methods For Protecting Sdnmentioning

confidence: 99%

Defending Sdn Against Packet Injection Attacks Using Deep Learning

Phu

Ullah

et al. 2023

Preprint

View full text Add to dashboard Cite

“…Thus, in comparison with server/controller-based schemes simpler models can be implemented in network element. In contrast, complex detection models like deep-neuralnetworks can be implemented in SDN controller or server to detect attacks [124]. In comparison with fully-innetwork security schemes, Co-design schemes will have higher capability in implementing complex attack detection models due to the availability of general-purposecomputing unit.…”

Section: Mechanismmentioning

confidence: 99%

A Survey on In-Network Computing: Programmable Data Plane and Technology Specific Applications

Kianpisheh

Taleb

2023

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

In comparison with cloud computing, edge computing offers processing at locations closer to end devices and reduces the user experienced latency. The new recent paradigm of innetwork computing employs programmable network elements to compute on the path and prior to traffic reaching the edge or cloud servers. It advances common edge/cloud server based computing through proposing line rate processing capabilities at closer locations to the end devices. This paper discusses use cases, enabler technologies and protocols for in-network computing. According to our study, considering programmable data plane as an enabler technology, potential in-network computing applications are in-network analytics, in-network caching, innetwork security, and in-network coordination. There are also technology specific applications of in-network computing in the scopes of cloud computing, edge computing, 5G/6G, and NFV. In this survey, the state of the art, in the framework of the proposed categorization, is reviewed. Furthermore, comparisons are provided in terms of a set of proposed criteria which assess the methods from the aspects of methodology, main results, as well as application-specific criteria. Finally, we discuss lessons learned and highlight some potential research directions.

show abstract

“…If the IoT devices are impairing the central controller, then it increases the vulnerability degree of the SDN-managed ISP. This proposed approach in [ 139 ] deals with the SDN security issues to overcome DDOS in a controller and communication switch. It integrates the online learning method to limit the packet-in rate, while tending to the controller queue and switch space capacity.…”

Section: Network Security and Managementmentioning

confidence: 99%

Software-Defined Networking: Categories, Analysis, and Future Directions

Hussain

Shah

Amin³

et al. 2022

Sensors

View full text Add to dashboard Cite

Software-defined networking (SDN) is an innovative network architecture that splits the control and management planes from the data plane. It helps in simplifying network manageability and programmability, along with several other benefits. Due to the programmability features, SDN is gaining popularity in both academia and industry. However, this emerging paradigm has been facing diverse kinds of challenges during the SDN implementation process and with respect to adoption of existing technologies. This paper evaluates several existing approaches in SDN and compares and analyzes the findings. The paper is organized into seven categories, namely network testing and verification, flow rule installation mechanisms, network security and management issues related to SDN implementation, memory management studies, SDN simulators and emulators, SDN programming languages, and SDN controller platforms. Each category has significance in the implementation of SDN networks. During the implementation process, network testing and verification is very important to avoid packet violations and network inefficiencies. Similarly, consistent flow rule installation, especially in the case of policy change at the controller, needs to be carefully implemented. Effective network security and memory management, at both the network control and data planes, play a vital role in SDN. Furthermore, SDN simulation tools, controller platforms, and programming languages help academia and industry to implement and test their developed network applications. We also compare the existing SDN studies in detail in terms of classification and discuss their benefits and limitations. Finally, future research guidelines are provided, and the paper is concluded.

show abstract

On-the-fly (D)DoS attack mitigation in SDN using Deep Neural Network-based rate limiting

Cited by 17 publications

References 32 publications

Defending Sdn Against Packet Injection Attacks Using Deep Learning

Defending Sdn Against Packet Injection Attacks Using Deep Learning

A Survey on In-Network Computing: Programmable Data Plane and Technology Specific Applications

Software-Defined Networking: Categories, Analysis, and Future Directions

Contact Info

Product

Resources

About