SNORT based early DDoS detection system using Opendaylight and open networking operating system in software defined networking

Badotra, Sumit; Panda, S. N.

doi:10.1007/s10586-020-03133-y

Cited by 100 publications

(28 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In the third phase, attack detection is performed by comparing the values obtained from the previous phase with the table miss of the switches. Likewise, in terms of the early detection of DDoS, IDS countermeasures have been proposed, as in [151], a paper in which the authors use IDS Snort rules 5 and generate alarms in the event of detecting an attack.…”

Section: ) Stateless Data Planementioning

confidence: 99%

“…Preconditions/ Postconditions [123] OFDP vulnerable BFD [125] Fake packet-in Switch port association with host MAC [135] Lack of packet-in message authentication Independent hardware implementation [136] DoS attacks Statistics [137] DoS attacks Protocol-independent defense framework [128] Spoofing and DoS attacks ACL / Machine learning [155] Spoofing Route and Dos attacks Traffic statistics [138] DDoS attacks Entropy [140] DoS attacks Entropy [141] DoS attacks Traffic statistics [142] DDoS attacks KPCA+GA+ Machine learning [143] DDoS attacks Blockchain [144] Lack of P2P traffic identification Machine learning [145] HTTP DDoS attacks Entropy + Hardware [149] DDoS attacks PCA [150] DDoS attacks EWMA [151] DDoS attacks Snort IDS [152] DDoS attacks Machine learning [153] DDoS attacks Deep Learning [154] DDoS attacks Entropy / Machine learning [156] Inference attacks Randomization of network attributes/ Rate-limiting + Proactive rules Rate-limiting + Proxy [160] DoS attacks (LDoS) Statistics / LRU [130] Inference attacks Routing aggregation / TCAM + SRAM [161], [162] Lack of network client access control EAP / RADIUS [163] Lack of network client access control EAPoL / RADIUS [164] DoS attacks Blockchain + Hardware [129] SYN flooding and ARP spoofing attacks SYN/ACK and ACK/FIN packets' ratio / P4 cache [165] Traffic overload / Latency App+P4 [166] Traffic overload Snort IPS + P4 [167] DDoS attacks P4+Entropy+FSM [168] Lack of link protection between stateful switches MACsec [169] States exchange between stateful switches Digital signatures [170] Link floo...…”

Section: ) Stateful Data Planementioning

confidence: 99%

See 1 more Smart Citation

A Survey of the Main Security Issues and Solutions for the SDN Architecture

et al. 2021

View full text Add to dashboard Cite

The software-defined networking (SDN) paradigm proposes the decoupling of control and data planes and a centralized software-oriented management approach based on a central controller, easing the development of new applications and services. These design principles pave the way for a more flexible, fast, and dynamic software-controlled network. However, in terms of security, the elements that comprise the SDN architecture present several vulnerabilities, which could be exploited by attackers to carry out malicious actions and thus affect the network and its services. Although for several years, some studies have already focused on identifying the weaknesses of the SDN layer structure, the nature of the attacks, and possible solutions for this paradigm, the literature contains few contributions that review and discuss this topic in an integral fashion. This paper provides a comprehensive, updated, and detailed review of the main security issues and mitigating measures for all layers and interfaces of the SDN architecture, classifying the contributions according to the STRIDE threat modeling methodology categories. Finally, this manuscript identifies, discusses, and synthesizes open challenges and future research directions in this area.

show abstract

Section: ) Stateless Data Planementioning

confidence: 99%

Section: ) Stateful Data Planementioning

confidence: 99%

A Survey of the Main Security Issues and Solutions for the SDN Architecture

et al. 2021

View full text Add to dashboard Cite

show abstract

“…In this sense, some of the tools that where analyzed in Section III have been used in the SDN scope. For example, Snort is applied for intrusion and Distributed DoS (DDoS) detection by different authors [122,124,125]. On the other hand, Suricata is also used for intrusion detection in SDN [127,128].…”

Section: Sdnmentioning

confidence: 99%

Present and Future of Network Security Monitoring

2021

View full text Add to dashboard Cite

Network Security Monitoring (NSM) is a popular term to refer to the detection of security incidents by monitoring the network events. An NSM system is central for the security of current networks, given the escalation in sophistication of cyberwarfare. In this paper, we review the state-of-the-art in NSM, and derive a new taxonomy of the functionalities and modules in an NSM system. This taxonomy is useful to assess current NSM deployments and tools for both researchers and practitioners. We organize a list of popular tools according to this new taxonomy, and identify challenges in the application of NSM in modern network deployments, like Software Defined Network (SDN) and Internet of Things (IoT).

show abstract

“…The range and mobility of UAVs are considered the second concern after energy consumption, and these are also assumed as the primary influencers for UAV network topologies [4,5].…”

mentioning

confidence: 99%

“…LEACH [3] is one of the notable WSN clustering routing protocols. In this sensor, nodes are collected in groups called clusters, and each one chooses one cluster as the leading cluster, called the cluster head, and the remaining nodes in a cluster are called cluster members [4]. Nodes collect information from their surroundings and relay it to their CH.…”

mentioning

confidence: 99%

Energy-Efficient Clustering Scheme for Flying Ad-Hoc Networks Using an Optimized LEACH Protocol

et al. 2021

Self Cite

View full text Add to dashboard Cite

A Flying Ad-hoc network constitutes many sensor nodes with limited processing speed and storage capacity as they institute a minor battery-driven device with a limited quantity of energy. One of the primary roles of the sensor node is to store and transmit the collected information to the base station (BS). Thus, the life span of the network is the main criterion for the efficient design of the FANETS Network, as sensor nodes always have limited resources. In this paper, we present a methodology of an energy-efficient clustering algorithm for collecting and transmitting data based on the Optimized Low-Energy Adaptive Clustering Hierarchy (LEACH) protocol. The selection of CH is grounded on the new optimized threshold function. In contrast, LEACH is a hierarchical routing protocol that randomly selects cluster head nodes in a loop and results in an increased cluster headcount, but also causes more rapid power consumption. Thus, we have to circumvent these limitations by improving the LEACH Protocol. Our proposed algorithm diminishes the energy usage for data transmission in the routing protocol, and the network’s lifetime is enhanced as it also maximizes the residual energy of nodes. The experimental results performed on MATLAB yield better performance than the existing LEACH and Centralized Low-Energy Adaptive Clustering Hierarchy Protocol in terms of energy efficiency per unit node and the packet delivery ratio with less energy utilization. In addition, the First Node Death (FND) is also meliorated when compared to the LEACH and LEACH-C protocols.

show abstract

SNORT based early DDoS detection system using Opendaylight and open networking operating system in software defined networking

Cited by 100 publications

References 29 publications

A Survey of the Main Security Issues and Solutions for the SDN Architecture

A Survey of the Main Security Issues and Solutions for the SDN Architecture

Present and Future of Network Security Monitoring

Energy-Efficient Clustering Scheme for Flying Ad-Hoc Networks Using an Optimized LEACH Protocol

Contact Info

Product

Resources

About