[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

Dalmazo et al., 2021 - Google Patents

A systematic review on distributed denial of service attack defense mechanisms in programmable networks

Dalmazo et al., 2021

View PDF
Document ID
4549038005156978321
Author
Dalmazo B
Marques J
Costa L
Bonfim M
Carvalho R
da Silva A
Fernandes S
Bordim J
Alchieri E
Schaeffer‐Filho A
Paschoal Gaspary L
Cordeiro W
Publication year
Publication venue
International Journal of Network Management

External Links

Snippet

Design flaws and vulnerabilities inherent to network protocols, devices, and services make Distributed Denial of Service (DDoS) a persisting threat in the cyberspace, despite decades of research efforts in the area. The historical vertical integration of traditional IP networks …
Continue reading at onlinelibrary.wiley.com (PDF) (other versions)

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218Distributed architectures, e.g. distributed firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0254Stateful filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Similar Documents

Publication Publication Date Title
Abou El Houda et al. Cochain-SC: An intra-and inter-domain DDoS mitigation scheme based on blockchain using SDN and smart contract
Singh et al. Detection and mitigation of DDoS attacks in SDN: A comprehensive review, research challenges and future directions
Lima Filho et al. Smart detection: an online approach for DoS/DDoS attack detection using machine learning
Sahoo et al. Toward secure software-defined networks against distributed denial of service attack
Yurekten et al. SDN-based cyber defense: A survey
Gupta et al. Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a cloud computing environment
Dayal et al. Research trends in security and DDoS in SDN
Deb et al. A comprehensive survey of vulnerability and information security in SDN
Dalmazo et al. A systematic review on distributed denial of service attack defense mechanisms in programmable networks
Manavi Defense mechanisms against distributed denial of service attacks: A survey
Patel et al. An intrusion detection and prevention system in cloud computing: A systematic review
Muthamil Sudar et al. A two level security mechanism to detect a DDoS flooding attack in software-defined networks using entropy-based and C4. 5 technique
Krishnan et al. SDN/NFV security framework for fog‐to‐things computing infrastructure
Cao et al. {CAUDIT}: Continuous Auditing of {SSH} Servers To Mitigate {Brute-Force} Attacks
Zhou et al. A dynamic and lightweight framework to secure source addresses in the SDN-based networks
Joëlle et al. Strategies for detecting and mitigating DDoS attacks in SDN: A survey
Singh et al. A Comprehensive Survey on DDoS Attacks Detection & Mitigation in SDN-IoT Network
Bamasag et al. Real-time DDoS flood attack monitoring and detection (RT-AMD) model for cloud computing
Zeleke et al. Efficient intrusion detection system for SDN orchestrated Internet of Things
Karnani et al. A comprehensive survey on low-rate and high-rate DDoS defense approaches in SDN: taxonomy, research challenges, and opportunities
Demırcı et al. Virtual security functions and their placement in software defined networks: A survey
Villalobos et al. An unsupervised approach for online detection and mitigation of high-rate DDoS attacks based on an in-memory distributed graph using streaming data and analytics
Ayodele et al. SDN as a defence mechanism: a comprehensive survey
Chahal et al. DDoS attacks & defense mechanisms in SDN-enabled cloud: Taxonomy, review and research challenges
Kaur et al. Investigation of application layer DDoS attacks in legacy and software-defined networks: A comprehensive review