SDSNM: A Software-Defined Security Networking Mechanism to Defend against DDoS Attacks
The Distributed Denial of Service (DDoS) attack has seriously harmed network availability over decades and there is still no effective defense mechanism. The emerging software-defined networking (SDN) gives a new way to rethink the defense of DDoS attacks. In this paper, we first modeled DDoS attack...
Saved in:
| Published in | International Conference on Frontier of Computer Science and Technology (Print) pp. 115 - 121 |
|---|---|
| Main Authors | , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.08.2015
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 2159-6301 |
| DOI | 10.1109/FCST.2015.27 |
Cover
Loading…
| Abstract | The Distributed Denial of Service (DDoS) attack has seriously harmed network availability over decades and there is still no effective defense mechanism. The emerging software-defined networking (SDN) gives a new way to rethink the defense of DDoS attacks. In this paper, we first modeled DDoS attacks from the perspective of network architecture. Then a software-defined security networking mechanism (SDSNM) was proposed to remove or restrict these necessary conditions which were summarized from the model. The SDSNM is mainly implemented at the edge SDN networks as well as inherits the infrastructure of IP core network. The Cloud computing and Chord technologies were applied to solve the expansibility and consistency problems. Experiments based on the prototype proved that the brand new mechanism was feasible and incrementally deployable. DDoS attacks were unable to be launched if strict access control policies were used. The attacker along with hosts in botnet can be located quickly and accurately when loose access control policies were used. |
|---|---|
| AbstractList | The Distributed Denial of Service (DDoS) attack has seriously harmed network availability over decades and there is still no effective defense mechanism. The emerging software-defined networking (SDN) gives a new way to rethink the defense of DDoS attacks. In this paper, we first modeled DDoS attacks from the perspective of network architecture. Then a software-defined security networking mechanism (SDSNM) was proposed to remove or restrict these necessary conditions which were summarized from the model. The SDSNM is mainly implemented at the edge SDN networks as well as inherits the infrastructure of IP core network. The Cloud computing and Chord technologies were applied to solve the expansibility and consistency problems. Experiments based on the prototype proved that the brand new mechanism was feasible and incrementally deployable. DDoS attacks were unable to be launched if strict access control policies were used. The attacker along with hosts in botnet can be located quickly and accurately when loose access control policies were used. |
| Author | Xing, Changyou Wang, Xiulei Chen, Ming |
| Author_xml | – sequence: 1 givenname: Xiulei surname: Wang fullname: Wang, Xiulei organization: Coll. of Command Inf. Syst., PLA Univ. of Sci. & Technol., Nanjing, China – sequence: 2 givenname: Ming surname: Chen fullname: Chen, Ming organization: Coll. of Command Inf. Syst., PLA Univ. of Sci. & Technol., Nanjing, China – sequence: 3 givenname: Changyou surname: Xing fullname: Xing, Changyou organization: Coll. of Command Inf. Syst., PLA Univ. of Sci. & Technol., Nanjing, China |
| BookMark | eNotj09PwjAcQGuCiYjcvHnpFxj2335dvS2boAngYeiVtOU3bJDObDWEby-Jnt7l5SXvloxiF5GQe85mnDPzOK-azUwwns-EviJTowuuQEsjTC5GZCx4bjKQjN-Q6TAExwRoyJnSY_LR1M169URL2nRtOtkesxrbEHFHG_Q_fUhnusZ06vpDiHu6Qv9pYxiONHX0ImLcUbu3IQ6J1nXX0DIl6w_DHblu7deA039OyPv8eVO9ZMu3xWtVLrMgWJEypYtd4RwYdN5yD9orBRa4a6WVnqlc-dYCMO1a4IVDi94YD7lAAKG9lRPy8NcNiLj97sPR9uetlpd9YPIXhuhSfQ |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/FCST.2015.27 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781467392952 1467392952 1467392944 9781467392945 |
| EndPage | 121 |
| ExternalDocumentID | 7314660 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IF 6IH 6IK 6IL 6IM 6IN AAJGR AAWTH ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI OCL RIE RIL |
| ID | FETCH-LOGICAL-i208t-478d8bb69ebca1c67c446a61bf3a3c0454cfa6607bf618beaec99c652e6627ca3 |
| IEDL.DBID | RIE |
| ISSN | 2159-6301 |
| IngestDate | Wed Aug 27 02:12:25 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i208t-478d8bb69ebca1c67c446a61bf3a3c0454cfa6607bf618beaec99c652e6627ca3 |
| PageCount | 7 |
| ParticipantIDs | ieee_primary_7314660 |
| PublicationCentury | 2000 |
| PublicationDate | 20150801 |
| PublicationDateYYYYMMDD | 2015-08-01 |
| PublicationDate_xml | – month: 08 year: 2015 text: 20150801 day: 01 |
| PublicationDecade | 2010 |
| PublicationTitle | International Conference on Frontier of Computer Science and Technology (Print) |
| PublicationTitleAbbrev | FCST |
| PublicationYear | 2015 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssib026765047 ssj0003177943 |
| Score | 1.7112613 |
| Snippet | The Distributed Denial of Service (DDoS) attack has seriously harmed network availability over decades and there is still no effective defense mechanism. The... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 115 |
| SubjectTerms | Access control Authentication Computer crime DDoS DH-HEMTs IP networks network security OpenFlow software-defined networking Switches |
| Title | SDSNM: A Software-Defined Security Networking Mechanism to Defend against DDoS Attacks |
| URI | https://ieeexplore.ieee.org/document/7314660 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PS8MwFA5zJ08qm_ibHDyabk3bpPU2VocIHUI32W0k6asMsZXZIfjX-9J2E8WDt1Ka8kjS973XfN97hFzLYZ4B54opd5gznwOwUAQu04idIjT2JM2Kk5OpuJ_7D4tg0SE3Oy0MANTkM3DsZX2Wn5VmY3-VDaSH37XABH0PE7dGq7XdO1xIjDXa0Nh6YcRF2ZDmENQiJnAj73jv0WAyTmeW1xU4_GdflRpWJgck2RrUsElenE2lHfP5q1bjfy0-JP1vAR993EHTEelA0SNPaZxOk1s6oin63g-1BhZDjlFmRtO2ix2dNqxwHEQTsKLg1fsrrUqKD0KRUfWsVhhP0jguUzqqKivQ75P55G42vmdtWwW24sOwYr4Ms1BrEVkelGuENJgSKuHq3FOesSX5TK7QaKlz4YYaFJgoMiLgYIvFG-Udk25RFnBCqBHo6rnhtsqkb_C1WRTlGFJpE8gsEvKU9OycLN-ayhnLdjrO_r59TvbtkjT0ugvSrdYbuETIr_RVvdZfTiaodA |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PT8IwFG6IHvSkBoy_7cGjBVa2dvVGmASVEZOB4Uba7s0QIxgcMfGv95UNjMaDt2VZl5e2e9_X9fteCbmSzSwFzjXTXjNjPgdgoQg8ZhA7RWjdTpozJ8cD0Rv59-NgXCHXGy8MAKzEZ1B3l6u9_HRul-5XWUO28LsWuEDfRtz3VeHWWs8eLiSyjZIcuzyMyCgL2RzCmmICp_JG-a4a3U4ydMquoM5_nqyyApbuHonXIRV6kpf6Mjd1-_mrWuN_Y94ntW8LH33cgNMBqcCsSp6SKBnEN7RNE8y-H3oBLIIMeWZKk_IcOzoodOHYiMbgbMHT91eazyk-CLOU6mc9RUZJo2ie0HaeO4t-jYy6t8NOj5UHK7Apb4Y582WYhsYI5ZRQnhXS4qJQC89kLd2yriifzTQGLU0mvNCABquUFQEHVy7e6tYh2ZrNZ3BEqBWY7Lnlrs6kb_G1qVIZkipjA5kqIY9J1fXJ5K2onTEpu-Pk79uXZKc3jPuT_t3g4ZTsuuEpxHZnZCtfLOEcCUBuLlbj_gVZY6vE |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=International+Conference+on+Frontier+of+Computer+Science+and+Technology+%28Print%29&rft.atitle=SDSNM%3A+A+Software-Defined+Security+Networking+Mechanism+to+Defend+against+DDoS+Attacks&rft.au=Wang%2C+Xiulei&rft.au=Chen%2C+Ming&rft.au=Xing%2C+Changyou&rft.date=2015-08-01&rft.pub=IEEE&rft.issn=2159-6301&rft.spage=115&rft.epage=121&rft_id=info:doi/10.1109%2FFCST.2015.27&rft.externalDocID=7314660 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2159-6301&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2159-6301&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2159-6301&client=summon |