scispace - formally typeset
Search or ask a question
Topic

DDoS mitigation

About: DDoS mitigation is a research topic. Over the lifetime, 237 publications have been published within this topic receiving 8082 citations.


Papers
More filters
Journal ArticleDOI
TL;DR: This paper reviews 96 publications on DDoS attack and defense approaches in cloud computing published between January 2009 and December 2015, and discusses existing research trends.

253 citations

Journal ArticleDOI
TL;DR: An in-depth survey and discussion of existing SDN-based DDoS attack detection and mitigation mechanisms, and they are classified with respect to the detection techniques and how this framework can be utilized to secure applications built for smart cities.
Abstract: Distributed denial-of-service (DDoS) attacks have become a weapon of choice for hackers, cyber extortionists, and cyber terrorists. These attacks can swiftly incapacitate a victim, causing huge revenue losses. Despite the large number of traditional mitigation solutions that exists today, DDoS attacks continue to grow in frequency, volume, and severity. This calls for a new network paradigm to address the requirements of today’s challenging security threats. Software-defined networking (SDN) is an emerging network paradigm which has gained significant traction by many researchers to address the requirement of today’s data centers. Inspired by the capabilities of SDN, we present a comprehensive survey of existing SDN-based DDoS attack detection and mitigation solutions. We classify solutions based on DDoS attack detection techniques and identify requirements of an effective solution. Based on our findings, we propose a novel framework for detection and mitigation of DDoS attacks in a large-scale network which comprises a smart city built on SDN infrastructure. Our proposed framework is capable of meeting application-specific DDoS attack detection and mitigation requirements. The primary contribution of this paper is twofold. First, we provide an in-depth survey and discussion of SDN-based DDoS attack detection and mitigation mechanisms, and we classify them with respect to the detection techniques. Second, leveraging the characteristics of SDN for network security, we propose and present an SDN-based proactive DDoS Defense Framework (ProDefense). We show how this framework can be utilized to secure applications built for smart cities. Moreover, the paper highlights open research challenges, future research directions, and recommendations related to SDN-based DDoS detection and mitigation.

247 citations

Journal ArticleDOI
TL;DR: It is shown that SDN brings a new chance to defeat DDoS attacks in cloud computing environments, and good features of SDN in defeating DDoS attacked, and a number of challenges that need to be addressed to mitigate DDoS attached in SDN with cloud computing.
Abstract: Although software-defined networking (SDN) brings numerous benefits by decoupling the control plane from the data plane, there is a contradictory relationship between SDN and distributed denial-of-service (DDoS) attacks. On one hand, the capabilities of SDN make it easy to detect and to react to DDoS attacks. On the other hand, the separation of the control plane from the data plane of SDN introduces new attacks. Consequently, SDN itself may be a target of DDoS attacks. In this paper, we first discuss the new trends and characteristics of DDoS attacks in cloud computing environments. We show that SDN brings us a new chance to defeat DDoS attacks in cloud computing environments, and we summarize good features of SDN in defeating DDoS attacks. Then we review the studies about launching DDoS attacks on SDN and the methods against DDoS attacks in SDN. In addition, we discuss a number of challenges that need to be addressed to mitigate DDoS attached in SDN with cloud computing. This work can help understand how to make full use of SDN's advantages to defeat DDoS attacks in cloud computing environments and how to prevent SDN itself from becoming a victim of DDoS attacks.

215 citations

Journal ArticleDOI
TL;DR: This work makes a novel attempt to identify the need of DDoS mitigation solutions involving multi-level information flow and effective resource management during the attack, and concludes that there is a strong requirement of solutions, which are designed keeping utility computing models in mind.

191 citations

Journal ArticleDOI
TL;DR: A multi-level DDoS mitigation framework (MLDMF) to defend against DDoS attacks for IIoT, which includes the edge computinglevel, fog computing level, and cloud computing level is proposed.
Abstract: The Industrial Internet of Things is growing fast. But the rapid growth of IIoT devices raises a number of security concerns, because the IIoT device is weak in defending against malware, and the method of managing a large number of IIoT devices is awkward and inconvenient. This article proposes a multi-level DDoS mitigation framework (MLDMF) to defend against DDoS attacks for IIoT, which includes the edge computing level, fog computing level, and cloud computing level. Software defined networking is used to manage a large number of IIoT devices and to mitigate DDoS attacks in IIoT. Experimental results show the effectiveness of the proposed framework.

146 citations


Network Information
Related Topics (5)
Server
79.5K papers, 1.4M citations
85% related
Network packet
159.7K papers, 2.2M citations
84% related
Mobile computing
51.3K papers, 1M citations
84% related
Wireless ad hoc network
49K papers, 1.1M citations
83% related
Wireless network
122.5K papers, 2.1M citations
83% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
202119
202034
201932
201831
201728
201618