Eliyan et al., 2021 - Google Patents
DoS and DDoS attacks in Software Defined Networks: A survey of existing solutions and research challengesEliyan et al., 2021
View HTML- Document ID
- 2926809723468396863
- Author
- Eliyan L
- Di Pietro R
- Publication year
- Publication venue
- Future Generation Computer Systems
External Links
Snippet
Abstract Software Defined Networking (SDN) is a new networking paradigm where forwarding hardware is decoupled from control decisions. It promises to dramatically simplify network management and enable innovation and evolution. In SDN, network intelligence is …
- 238000011160 research 0 title abstract description 18
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/10—Flow control or congestion control
- H04L47/24—Flow control or congestion control depending on the type of traffic, e.g. priority or quality of service [QoS]
- H04L47/2441—Flow classification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/08—Configuration management of network or network elements
- H04L41/0893—Assignment of logical groupings to network elements; Policy based network management or configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/141—Denial of service attacks against endpoints in a network
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Eliyan et al. | DoS and DDoS attacks in Software Defined Networks: A survey of existing solutions and research challenges | |
| Swami et al. | Software-defined networking-based DDoS defense mechanisms | |
| Wang et al. | SGS: Safe-guard scheme for protecting control plane against DDoS attacks in software-defined networking | |
| Birkinshaw et al. | Implementing an intrusion detection and prevention system using software-defined networking: Defending against port-scanning and denial-of-service attacks | |
| Sahoo et al. | Toward secure software-defined networks against distributed denial of service attack | |
| Imran et al. | Toward an optimal solution against denial of service attacks in software defined networks | |
| Kumar et al. | SAFETY: Early detection and mitigation of TCP SYN flood utilizing entropy in SDN | |
| Mohammadi et al. | Slicots: An sdn-based lightweight countermeasure for tcp syn flooding attacks | |
| Dayal et al. | Research trends in security and DDoS in SDN | |
| Osanaiye et al. | Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework | |
| Chen et al. | SDNShield: Towards more comprehensive defense against DDoS attacks on SDN control plane | |
| US9800592B2 (en) | Data center architecture that supports attack detection and mitigation | |
| Krishnan et al. | SDN/NFV security framework for fog‐to‐things computing infrastructure | |
| Ubale et al. | Survey on DDoS attack techniques and solutions in software-defined network | |
| Conti et al. | Lightweight solutions to counter DDoS attacks in software defined networking | |
| Xu et al. | An enhanced saturation attack and its mitigation mechanism in software-defined networking | |
| Tayfour et al. | Collaborative detection and mitigation of distributed denial-of-service attacks on software-defined network | |
| Krishnan et al. | SDNFV based threat monitoring and security framework for multi-access edge computing infrastructure | |
| Raghunath et al. | Towards a secure SDN architecture | |
| Uddin et al. | Denial of service attacks in edge computing layers: Taxonomy, vulnerabilities, threats and solutions | |
| Imran et al. | DAISY: A detection and mitigation system against denial-of-service attacks in software-defined networks | |
| Ravi et al. | Aegis: Detection and mitigation of tcp syn flood on sdn controller | |
| KR101042291B1 (en) | System and method for detecting and blocking to distributed denial of service attack | |
| Rahouti et al. | SYNGuard: Dynamic threshold‐based SYN flood attack detection and mitigation in software‐defined networks | |
| Spooner et al. | A review of solutions for SDN-exclusive security issues |