Physical Assessment of an SDN-Based Security Framework for DDoS Attack Mitigation: Introducing the SDN-SlowRate-DDoS Dataset

Yungaicela-Naula, Noe M.; Vargas-Rosales, César; Díaz, Jesús Arturo Pérez; Jacob, Eduardo; Martinez-Cagnazzo, Carlos

doi:10.1109/access.2023.3274577

Cited by 12 publications

(10 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is a strong and powerful weapon for safeguarding digital systems from the continuously changing threat landscape of the modern age. [3] The combination of SDN (Software-Defined Networking) technologies with DL (Deep Learning) principles is definitely the next big step in cybersecurity, providing organizations with the ability to proactively and in time respond to cyber threats as part of a fully automated security system. SDN-based security frameworks use the centralized control with programability, given by the SDN architecture, as a basis to enhance network visibility, automate defenses and orchestrate the fast reactions to security incidents.…”

Section: Exception Methodologiesmentioning

confidence: 99%

“…In general, PUF-based network structures offer a very strong method for authentication, access control, and DDoS attack resistance, thus, it is a good strategy for companies pursuing better cybersecurity. [3] The SDN framework-based security plan with automatic detection and capabilities for response in a timely manner for slow-rate DDoS attacks opens new perspectives to deal with cyberattacks in real time. Using the central control and programmability of SDN helps speeding up a real-time monitoring and mitigation mechanisms that when detecting anomalies indicative of a slow-rate DDoS attacks, the traffic forwarding policies can dynamically be changed ,and the suspicious traffic paths directed to the center for futher processing and filtering too.…”

Section: Introductionmentioning

confidence: 99%

“…Empirical assessments of the proposed structures have better results than reactive filtering, what reinforces the option of introducing it into the cybersecurity system to harden infrastructures against the DDoS attacks sophistication. [3] Organizations that make use of Software-Defined Networking (SDN)-based automation systems encounter DDoS mitigation effectiveness that is as great as indicated by the studies. The ability of SDN to use the centralized control and programmability is enabling a change in the defense mechanisms of the frameworks, which become dynamic and proactive with the power to identify abnormal connections and block them in realtime.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Surveying Emerging Trends in DDoS Defense

Pandey

2024

IJSREM

View full text Add to dashboard Cite

This The DDoS attack threat is evolving, and because of this, organizations are discovering and using new modern technologies to lay the ground for more effective defensive strategies. This paper is devoted to the investigation of the most efficient methods fighting DDoS – downtime of the network, and ensuring cybersecurity on different domains. First of all, the integration of Convolutional Neural Networks (CNNs) into cybersecurity is a very promising move with respect to fighting exactly the phishing and application-layer DDoS attacks in greater details than the machine learning approaches like the LSTMs and SAEs. Another aspect of building the effective opposition against the dummy data attacks on the critical infrastructures, for example on the power systems, is creating the multi-dimensional mitigation models composed of various timely detection techniques and robust network architecture. In addition, the usage of Physically Unclonable Functions (PUFs) in network architectures provides a means of authentication as well as access control that can improve the resilience of a network against DDoS attacks. PUFs enables the blockade of unwanted packets of high volume traffic, allowing granular traffic filtration and isolation. By using hardware solutions such as Distributed-Denial-of-Service (DDoS) attack prevention, SDN-biased security frame with deep learning algorithms can improve network resilience with significant detection and response to slow-rate DDoS attacks. At last EWMA, KNN, and CUSUM as statistical methods integrated with FOG computing architectures ensure real time and effective solution for the detection and mitigation of DDoS attacks in the IoT networks, making them immune to the current as well as the continuously emerging cyber threats. Through the integration of these cutting edge methods, organizations will be able to hold their ground against cyberattacks catalyzed by DDoS menace and stay ahead of dynamic threats whenever they arise. Keywords— Cloud computing, Data threats, Data Protection, Cloud security.

show abstract

Section: Exception Methodologiesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Surveying Emerging Trends in DDoS Defense

Pandey

2024

IJSREM

View full text Add to dashboard Cite

show abstract

“…Yungaicela et al, [ 22 ] proposed a DL-based framework for detecting and preventing DDoS attacks. Additionally, they contribute the SDN-SlowRate DDoS dataset, which proves to be more recent and complex than the high-rate DDoS attacks dataset.…”

Section: Relevant Workmentioning

confidence: 99%

“…However, this dataset is limited to UDP DDoS attacks, has limited traffic features, and is not publicly available. On the other side [ 22 ], dataset is focusing solely on HTTP slow attacks against victim servers. Therefore, the contributed HLD-DDoSDN dataset considers the prevailing realistic SDN DDoS attack (TCP, UDP, and ICMP) with traffic variation rates (i.e., high-rate and low-rate) and contains 71 statistically qualified traffic features.…”

Section: Relevant Workmentioning

confidence: 99%

HLD-DDoSDN: High and low-rates dataset-based DDoS attacks against SDN

Bahashwan,

Anbar,

Manickam

et al. 2024

PLoS ONE

View full text Add to dashboard Cite

Software Defined Network (SDN) has alleviated traditional network limitations but faces a significant challenge due to the risk of Distributed Denial of Service (DDoS) attacks against an SDN controller, with current detection methods lacking evaluation on unrealistic SDN datasets and standard DDoS attacks (i.e., high-rate DDoS attack). Therefore, a realistic dataset called HLD-DDoSDN is introduced, encompassing prevalent DDoS attacks specifically aimed at an SDN controller, such as User Internet Control Message Protocol (ICMP), Transmission Control Protocol (TCP), and User Datagram Protocol (UDP). This SDN dataset also incorporates diverse levels of traffic fluctuations, representing different traffic variation rates (i.e., high and low rates) in DDoS attacks. It is qualitatively compared to existing SDN datasets and quantitatively evaluated across all eight scenarios to ensure its superiority. Furthermore, it fulfils the requirements of a benchmark dataset in terms of size, variety of attacks and scenarios, with significant features that highly contribute to detecting realistic SDN attacks. The features of HLD-DDoSDN are evaluated using a Deep Multilayer Perception (D-MLP) based detection approach. Experimental findings indicate that the employed features exhibit high performance in the detection accuracy, recall, and precision of detecting high and low-rate DDoS flooding attacks.

show abstract