Proceedings Article

Low-rate TCP DDoS Attack Model in the Southbound Channel of Software Defined Networks

TLDR
In this article, the authors propose a model for low-rate stealthy DDoS attacks, which exploit vulnerabilities in TCP's retransmission timeout (RTO) mechanism, and find that these attacks are able to target the southbound TCP channel used by the OpenFlow and P4 protocols.
Abstract
The decoupled architecture of Software-Defined Networking (SDN) provides greater network visibility for network operators, allowing effective resource management and enhancing network security. However, the centralized SDN architecture, the communication channels between planes, and the limited resources can make SDN systems vulnerable to DoS/DDoS attacks. To better understand the attack dynamics and inform future mitigation techniques, modeling DoS/DDoS attacks for SDN is necessary. The main goal of modeling is to provide i) a better understanding of the attack effect and, consequently, ii) more effective mitigation techniques. This is especially important given that DDoS attack costs ranged between $25,000 and $249,000 for 58% of companies around the world in 2018 [1]. We propose a model for low-rate (shrew) stealthy DDoS attacks, which exploit vulnerabilities in TCP's retransmission timeout (RTO) mechanism. We found that these attacks are able to target the southbound TCP channel, used by the OpenFlow and P4 protocols, in SDN.

Citations
Journal Article

Real-Time Detection and Mitigation of LDoS Attacks in the SDN Using the HGB-FP Algorithm

TL;DR: Huang et al. proposed a framework based on the histogram-based gradient boosting and finding peaks (HGB-FP) algorithm to detect low-rate DoS attacks and mitigate their influence in the SDN in real time.
Journal Article

Detection and Mitigation of Low-Rate Denial-of-Service Attacks: A Survey

TL;DR: This survey summarizes and complements previous studies and surveys related to this specific type of attack and proposes a taxonomy of the LDoS attacks, which were divided into three broad categories based on their modus operandi: QoS attacks, Slow rate attacks, and Service queue attacks.
Journal Article

Dynamics of Botnet Propagation in Software Defined Networks Using Epidemic Models

TL;DR: In this article, the authors proposed two analytic epidemic models: one for enterprise Software Defined Networks (SDN), based on the SEIRS (Susceptible - Exposed - Infected - Recovered) approach, and a second designed for service providers' SDN, based on a novel extension of a SEIRs-SEIRS vector-borne approach.
Proceedings Article

Analysis of the Optimized KNN Algorithm for the Data Security of DR Service

TL;DR: Wang et al. explored the potential of the classical kNN algorithm in data storage structure, K-nearest neighbor search and hyperparameter optimization, and proposed an improved KNN algorithm for DDoS attack detection of demand-side IoT devices.
References
Journal Article

OpenFlow: enabling innovation in campus networks

TL;DR: This whitepaper proposes OpenFlow: a way for researchers to run experimental protocols in the networks they use every day, based on an Ethernet switch, with an internal flow-table, and a standardized interface to add and remove flow entries.
Journal Article

Software-Defined Networking: A Comprehensive Survey

TL;DR: This paper presents an in-depth analysis of the hardware infrastructure, southbound and northbound application programming interfaces (APIs), network virtualization layers, network operating systems (SDN controllers), network programming languages, and network applications, and presents the key building blocks of an SDN infrastructure using a bottom-up, layered approach.
Journal Article

P4: programming protocol-independent packet processors

TL;DR: This paper proposes P4 as a strawman proposal for how OpenFlow should evolve in the future, and describes how to use P4 to configure a switch to add a new hierarchical label.
Journal Article

A Survey on Software-Defined Networking

TL;DR: A generally accepted definition for SDN is presented, including decoupling the control plane from the data plane and providing programmability for network application development, and its three-layer architecture is dwelled on, including an infrastructure layer, a control layer, and an application layer.
Proceedings Article

Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants

TL;DR: It is shown that maliciously chosen low-rate DoS traffic patterns that exploit TCP's retransmission time-out mechanism can throttle TCP flows to a small fraction of their ideal rate while eluding detection.