[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/3093241.3093252acmotherconferencesArticle/Chapter ViewAbstractPublication PagesiccdaConference Proceedingsconference-collections
research-article

XFirewall: A Dynamic and Additional Mitigation Against DDoS Storm

Published: 19 May 2017 Publication History

Abstract

The Distributed Denial of Service (DDoS) attack is a main concern in network security. Since the attackers have developed different techniques and methods, preventing DDoS attacks has become more difficult. Traditional firewall is ineffective in preventing DDoS attacks. In this paper, we propose a new type of firewall named XFirewall to defend against DDoS attacks. XFirewall is a temporary firewall and is created when an attack occurs. Also, XFirewall will be configured with dynamic rules based on real-time traffic analysis. We will discuss in detail the design and algorithm for generating an XFirewall.

References

[1]
"Defeating DDOS Attacks," Cisco white paper, (January 2014). Retrieved March 10, 2017 from http://www.cisco.com/c/en/us/products/collateral/security/traffic-anomaly-detector-xt-5600a/prod_white_paper0900aecd8011e927.html.
[2]
A. Aljuhani and T. Alharbi, 2017. "Virtualized network functions security attacks and vulnerabilities," The 7th IEEE Annual Computing and Communication Workshop and Conference (2017).
[3]
V. Network and I. Planning, "SDN-NFV reference architecture," no. February, pp. 1--220, 2016.
[4]
Doyle, L. What's the difference between NFV automation and NFV orchestration? Retrieved March 16, 2017 from http://searchsdn.techtarget.com/answer/Whats-the-difference-between-NFV-automation-and-NFV-orchestration.
[5]
Juan, D., Hongxin, H., Hongda, L., Zhizhong, P., Kuang-Ching, W., Gail-Joon, A., Jun, B., Younghee, P. 2015. VNGuard: An NFV/SDN combination framework for provisioning and managing virtual firewalls. 2015 IEEE Conference on Network Function Virtualization and Software Defined Network (NFV-SDN) (2015).
[6]
T. Alharbi, A. Aljuhani, and H. Liu, 2017. "Holistic DDoS mitigation using NFV," The 7th IEEE Annual Computing and Communication Workshop and Conference (2017).
[7]
Woolf, N. 2016. DDoS attack that disrupted internet was largest of its kind in history, experts say. (October 2016). Retrieved February 21, 2017 from https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
[8]
Scott Hilton. Dyn analysis summary of friday october 21 attack. Retrieved February 21, 2017 from http://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/
[9]
J. Jeong., H. Kim., and J. Park. 2015 "A framework for security services based on Software-Defined Networking,". ICTC 2015 DC2, Mar. 2015
[10]
Barna, C., Shtern, M., Smit, M., Tzerpos, V., and Litoiu, M. Model-based adaptive DoS attack mitigation. In 2012 ICSE Workshop on Software Engineering for Adaptive and Self-Managing Systems (SEAMS) (2012), pp. 119--128.
[11]
Navarikuth, M., Neelakantan, S., Sachan, K., Singh, U. P., Kumar, R. and Mallick, A. 2013. "A dynamic firewall architecture based on multi-source analysis". csi transactions on ICT 1.4 (2013): 317--329. Web.
[12]
S, Akram., I, Zubair., M, Hasan Islam. 2009. "Fully Distributed Dynamically Configurable Firewall to Resist DOS Attacks in MANET". Networked Digital Technologies, 2009. NDT '09. First International Conference on Digital Object Identifier, 2009 pp. 547--549"

Cited By

View all
  • (2023)Mitigation of Distributed Denial of Service (DDoS) Attack Using Network Function Virtualization (NFV)—A SurveySecurity, Privacy and Data Analytics10.1007/978-981-99-3569-7_22(311-317)Online publication date: 19-Aug-2023
  • (2021)Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking EnvironmentsIEEE Access10.1109/ACCESS.2021.30629099(42236-42264)Online publication date: 2021
  • (2019)Proactive Load Shifting for Distributed SDN Control Plane Architecture2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC)10.1109/CCNC.2019.8651738(1-8)Online publication date: Jan-2019

Index Terms

  1. XFirewall: A Dynamic and Additional Mitigation Against DDoS Storm

    Recommendations

    Comments

    Please enable JavaScript to view thecomments powered by Disqus.

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    ICCDA '17: Proceedings of the International Conference on Compute and Data Analysis
    May 2017
    307 pages
    ISBN:9781450352413
    DOI:10.1145/3093241
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    In-Cooperation

    • University of Florida: University of Florida

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 19 May 2017

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. DDoS
    2. Firewall
    3. NFV
    4. Network
    5. Security

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    ICCDA '17

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)3
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 09 Jan 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2023)Mitigation of Distributed Denial of Service (DDoS) Attack Using Network Function Virtualization (NFV)—A SurveySecurity, Privacy and Data Analytics10.1007/978-981-99-3569-7_22(311-317)Online publication date: 19-Aug-2023
    • (2021)Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking EnvironmentsIEEE Access10.1109/ACCESS.2021.30629099(42236-42264)Online publication date: 2021
    • (2019)Proactive Load Shifting for Distributed SDN Control Plane Architecture2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC)10.1109/CCNC.2019.8651738(1-8)Online publication date: Jan-2019

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Media

    Figures

    Other

    Tables

    Share

    Share

    Share this Publication link

    Share on social media