- Title
Mitigation of DDoS Attack Using Moving Target Defense in SDN.
- Authors
Swami, Rochak; Dave, Mayank; Ranga, Virender
- Abstract
Software-defined networking (SDN) is a trending networking paradigm that focuses on decoupling of the control logic from the data plane. This decoupling brings programmability and flexibility for the network management by introducing centralized infrastructure. The complete control logic resides in the controller, and thus it becomes the intellectual and most important entity of the SDN infrastructure. With these advantages, SDN faces several security issues in various SDN layers that may prevent the growth and global adoption of this groundbreaking technology. Control plane exhaustion and switch buffer overflow are examples of such security issues. Distributed denial-of-service (DDoS) attacks are one of the most severe attacks that aim to exhaust the controller's CPU to discontinue the whole functioning of the SDN network. Hence, it is necessary to design a defense mechanism to mitigate the attack. In this paper, we present a defense solution to mitigate spoofed flooding DDoS attacks. The proposed defense solution is implemented in the Ryu controller. The mitigation method is based on the concept of moving target defense (MTD) and the existing SDN-in-built capabilities. In this work, the experiments are performed considering the spoofed SYN flooding attack. The proposed solution is evaluated using CPU usage. The experimental results reveal that the proposed defense solution mitigates the attack effectively.
- Subjects
DENIAL of service attacks; SOFTWARE-defined networking
- Publication
Wireless Personal Communications, 2023, Vol 131, Issue 4, p2429
- ISSN
0929-6212
- Publication type
Article
- DOI
10.1007/s11277-023-10544-8