Towards Autonomic DDoS Mitigation using Software Defined Networking
Author(s) - Rishikesh Sahay, Grégory Blanc, Zonghua Zhang, Hervé Debar
Publication year - 2015
Publication title - hal (le centre pour la communication scientifique directe)
Language(s) - English
Resource type - Conference proceedings
DOI - 10.14722/sent.2015.23004
Subject(s) - denial of service attack, computer science, computer security, application layer ddos attack, software defined networking, software deployment, trinoo, the internet, network security, computer network, network management, world wide web, operating system
Distributed Denial of Service (DDoS) attacks have remained one of the most destructive attacks on the Internet for over two decades. Despite tremendous efforts on the design of DDoS defense strategies, few of them have been considered for widespread deployment due to strong design assumptions on the Internet infrastructure, prohibitive operational costs and complexity. Recently, the emergence of Software Defined Networking (SDN) has offered a solution to reduce network management complexity. It is also believed to facilitate security management thanks to its programmability. To explore the advantages of using SDN to mitigate DDoS attacks, we propose a distributed collaborative framework that allows customers to request a DDoS mitigation service from ISPs. Upon request, ISPs can change the label of the anomalous traffic and redirect it to security middleboxes, while attack detection and analysis modules are deployed on the customer side, avoiding privacy leakage and other legal concerns. Our preliminary analysis demonstrates that SDN has promising potential to enable autonomic mitigation of DDoS attacks, as well as other large-scale attacks.