Research Trends in Security and DDoS in SDN

Dayal, Neelam; Maity, Prasenjit; Srivastava, Shashank; Khondoker, Rahamatullah

doi:10.1002/sec.1759

Cited by 84 publications

(29 citation statements)

References 60 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Mostly DDoS attack will affect the controller by using the flooding attack, one of the type of DDoS.But there is a possibilities of intrusion of DDoS attack in the data plane. Neelam et al [16] discussed about various DDoS attack issue that occurs in SDN. SDN faces the challenges against attacks.…”

Section: Related Workmentioning

confidence: 99%

Software Defined Networking Based Protection against DDOS in IoT

Pajila,

P.,

C.*

et al. 2020

IJITEE

View full text Add to dashboard Cite

Safety has become enormously important with the proliferation of internet of Things(IoT) technologies. Most of the IoT devices are linked with the DDoS attack, there are many risk nowadays for IoT because of DDoS attack.The new software-defined everything(SDx) model offers a way to handle IoT devices securely. The proposed S-IOT framework consists of a pool that includes S-IoT controllers, S-IoT switches and IoT devices. A new ENeFS algorithm is proposed to identify and reduce the DDoS attack. The proposed algorithm uses neuro fuzzy instruct rule to identify the DDoS attack and the number of data packets count also considered for the identification. The simulation results shows that the proposed algorithm performs better to improve the reliability of the IoT with different and unsafe gadgets.

show abstract

Section: Related Workmentioning

confidence: 99%

Software Defined Networking Based Protection against DDOS in IoT

Pajila,

P.,

C.*

et al. 2020

IJITEE

View full text Add to dashboard Cite

show abstract

“…Other important challenges in SDN are policy-based detection [18] and security policy enforcement. Indeed, multiple OpenFlow custom applications running concurrently in the application layer may insert different control policies dynamically.…”

Section: Firewalls On Sdnmentioning

confidence: 99%

FORTRESS: An Efficient and Distributed Firewall for Stateful Data Plane SDN

Caprolu

Raponi

Pietro

2019

Security and Communication Networks

View full text Add to dashboard Cite

The Software Defined Networking (SDN) paradigm decouples the logic module from the forwarding module on traditional network devices, bringing a wave of innovation to computer networks. Firewalls, as well as other security appliances, can largely benefit from this novel paradigm. Firewalls can be easily implemented by using the default OpenFlow rules, but the logic must reside in the control plane due to the dynamic nature of their rules that cannot be handled by data plane devices. This leads to a nonnegligible overhead in the communication channel between layers, as well as introducing an additional computational load on the control plane. To address the above limitations, we propose the architectural design of FORTRESS: a stateful firewall for SDN networks that leverages the stateful data plane architecture to move the logic of the firewall from the control plane to the data plane. FORTRESS can be implemented according to two different architectural designs: Stand-Alone and Cooperative, each one with its own peculiar advantages. We compare FORTRESS against FlowTracker, the state-of-the-art solution for SDN firewalling, and show how our solution outperforms the competitor in terms of the number of packets exchanged between the control plane and the data plane—we require 0 packets for the Stand-Alone architecture and just 4 for the Cooperative one. Moreover, we discuss how the adaptability, elegant and modular design, and portability of FORTRESS contribute to make it the ideal candidate for SDN firewalling. Finally, we also provide further research directions.

show abstract

“…Benton et al also present a brief overview of the vulnerabilities in OpenFlow protocol [15]. In addition, there are some works [34][35][36][37][38] that analyze vulnerabilities that exist in SDN network and present relevant studies dealing with vulnerabilities. Finally, Yoon et al systemize the attack surfaces existing in SDN network and evaluate them against three popular SDN controllers [39].…”

Section: Related Workmentioning

confidence: 99%

NOSArmor: Building a Secure Network Operating System

Nam

Shin

2018

Security and Communication Networks

View full text Add to dashboard Cite

Software-Defined Networking (SDN), controlling underlying network devices (i.e., data plane) in a logically centralized manner, is now actively adopted in many real world networking environments. It is clear that a network administrator can easily understand and manage his networking environments with the help of SDN. In SDN, a network operating system (NOS), also known as an SDN controller, is the most critical component because it should be involved in all transactions for controlling network devices, and thus the security of NOS cannot be highly exaggerated. However, in spite of its importance, no previous works have thoroughly investigated the security of NOS. In this work, to address this problem, we present the NOSArmor, which integrates several security mechanisms, named as security building block (SBB), into a consolidated SDN controller. NOSArmor consists of eight SBBs and each of them addresses different security principles of network assets. For example, while role-based authorization focuses on securing confidentiality of internal storage from malicious applications, OpenFlow protocol verifier protects availability of core service in the controller from malformed control messages received from switches. In addition, NOSArmor shows competitive performance compared to existing other controllers (i.e., ONOS, Floodlight) with secureness of network assets.

show abstract

Research Trends in Security and DDoS in SDN

Cited by 84 publications

References 60 publications

Software Defined Networking Based Protection against DDOS in IoT

Software Defined Networking Based Protection against DDOS in IoT

FORTRESS: An Efficient and Distributed Firewall for Stateful Data Plane SDN

NOSArmor: Building a Secure Network Operating System

Contact Info

Product

Resources

About