Real-time security services for SDN-based datacenters

Varga, Pál; Kathareios, Georgios; Mate, Akos; Clauberg, R.; Anghel, Andreea; Orosz, Péter; Nagy, Balázs; Tóthfalusi, Tamás; Kovâcs, László; Gusat, Mitch

doi:10.23919/cnsm.2017.8256030

Cited by 13 publications

(12 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…What sets them apart is how they extract information from the flow inputs to detect DDoS attacks and how they act on the network to mitigate these attacks. Among these works, some have been providing solutions that identify anomalies in the network in order to detect different types of DDoS attacks 58,61,84,88,90,92,107,109,128,139,146,147,150,152,154,155 . Such solutions often use statistical analysis, machine learning algorithms, or trust in external applications such as Bro Security Monitor 98 .…”

Section: Solutions Focused On the Control Planementioning

confidence: 99%

A systematic review on distributed denial of service attack defense mechanisms in programmable networks

Dalmazo¹,

Marques

Costa

et al. 2021

Int J Network Mgmt

View full text Add to dashboard Cite

Summary Design flaws and vulnerabilities inherent to network protocols, devices, and services make Distributed Denial of Service (DDoS) a persisting threat in the cyberspace, despite decades of research efforts in the area. The historical vertical integration of traditional IP networks limited the solution space, forcing researchers to tweak network protocols while maintaining global compatibility and proper service to legitimate flows. The advent of Software‐Defined Networking (SDN) and advances in Programmable Data Planes (PDP) changed the state of affairs and brought novel possibilities to deal with such attacks. In summary, the ability of bringing together network intelligence to a control plane, and offloading flow processing tasks to the forwarding plane, opened up interesting opportunities for network security researchers unlike ever. In this article, we dive into recent research that relies on SDN and PDP to detect, mitigate, and prevent DDoS attacks. Our literature review takes into account the SDN layered view as defined in RFC7426 and focuses on the data, control, and application planes. We follow a systematic methodology to capture related articles and organize them into a taxonomy of DDoS defense mechanisms focusing on three facets: activity level, deployment location, and cooperation degree. From the analysis of existing work, we also highlight key research gaps that may foster future research in the field.

show abstract

Section: Solutions Focused On the Control Planementioning

confidence: 99%

A systematic review on distributed denial of service attack defense mechanisms in programmable networks

Dalmazo¹,

Marques

Costa

et al. 2021

Int J Network Mgmt

View full text Add to dashboard Cite

show abstract

“…Organizations and enterprises apply security methods to protect against unauthorized access to their infrastructures. Hardware-accelerated security practices have been studied in [152]. Varga, P., et al [152] have introduced an automated method to speed up the reaction lag in SDN-based DCs via FPGA-based processing units.…”

Section: Cybersecurity (Cs)mentioning

confidence: 99%

“…Hardware-accelerated security practices have been studied in [152]. Varga, P., et al [152] have introduced an automated method to speed up the reaction lag in SDN-based DCs via FPGA-based processing units. The authors aim to enhance the security (C5) of DCNs and large clouds with a new FPGA-accelerated NFV.…”

Section: Cybersecurity (Cs)mentioning

confidence: 99%

Towards Low-Latency Service Delivery in a Continuum of Virtual Resources: State-of-the-Art and Research Directions

Santos

Wauters

Volckaert

et al. 2021

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

“…Furthermore, an important factor in SDN networks is security. This is how [45] describes that in DC networks supported by SDN controllers, when mitigating and reacting to any type of cyberattack, response times are slow because security management is in charge of human operators. Therefore, a virtualization of the network functions with FPGA 23 is provided (see Figure 8) that substantially improves the switching rates, improving the accuracy and speed in the detection of security problems and other traffic anomalies to the SDN controller.…”

Section: Datacentersmentioning

confidence: 99%

“…Real-time network security design based on FPGA,[45]. statE of thE art in softWarE dEfinEd nEtWorking (sdn)…”

mentioning

confidence: 99%

State of the art in software defined networking (SDN)

Pérez¹,

Losada²,

Rojas³

et al. 2019

Vis. Electron.

View full text Add to dashboard Cite

The growth of networks at a global level is inevitable due to the increase of users, devices and applications, such as: Internet of Things (IoT), processing and analysis of large amounts of information (Big Data), or streaming audio and video, which has demanded from the systems, greater storage resources and bandwidth. To this purpose, diverse paradigms have emerged for the centralized management of all the components of a network through fully administrable, centralized and dynamic technological platforms; among these is SDN (Software-Defined Networks). This document, consequently, establishes the state-of-art from a documentary research of a categorical type to be used as a frame of reference for research in the area of SDN by the Research Group of New Technologies of Social Application GIDENUTAS ascribed to the University Francisco Jose de Caldas. This is chronologically limited to a review, from 2007 until today, focused on the countries that have promoted the development and implementation of this new paradigm, using databases such as IEEE Xplore, Google Scholar, as well as documents from standardization organizations such as ONF and ITU.

show abstract

Real-time security services for SDN-based datacenters

Cited by 13 publications

References 16 publications

A systematic review on distributed denial of service attack defense mechanisms in programmable networks

A systematic review on distributed denial of service attack defense mechanisms in programmable networks

Towards Low-Latency Service Delivery in a Continuum of Virtual Resources: State-of-the-Art and Research Directions

State of the art in software defined networking (SDN)

Contact Info

Product

Resources

About