A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks

Distributed Denial of Service (DDoS) attack is a major threat to Internet based killer applications, such as independent news web sites, e-business and online games. Detecting and blocking such clever attacks has become difficult. Software-Defined Networks (SDN) has emerged as a future communication...

Full description

Saved in:

Bibliographic Details
Published in	International Conference on Frontier of Computer Science and Technology (Print) pp. 325 - 329
Main Authors	Shibo Luo, Jun Wu, Jianhua Li, Bei Pei
Format	Conference Proceeding
Language	English
Published	IEEE 01.08.2015
Subjects	Central Control Computer crime Control systems Distributed Denial of Service Floods IP networks Ports (Computers) Programmability Protocols Software-Defined Networks
Online Access	Get full text
ISSN	2159-6301
DOI	10.1109/FCST.2015.11

Cover

Abstract	Distributed Denial of Service (DDoS) attack is a major threat to Internet based killer applications, such as independent news web sites, e-business and online games. Detecting and blocking such clever attacks has become difficult. Software-Defined Networks (SDN) has emerged as a future communication network architecture which decouples network control and forwarding. It has some particular features such as central control and programmability to combat against DDoS attack. In this paper, we survey DDoS attacks and existing defense mechanisms, and draw a conclusion of the needs of defense mechanism for successful combating against DDoS. Then, we analyze the particular features of SDN and conclude it is conducive to countermeasure DDoS attack. According the analysis, we construct a defense mechanism for DDoS in SDN. At last, we illustrate how this mechanism could combat against DDoS attacks through a working example.
AbstractList	Distributed Denial of Service (DDoS) attack is a major threat to Internet based killer applications, such as independent news web sites, e-business and online games. Detecting and blocking such clever attacks has become difficult. Software-Defined Networks (SDN) has emerged as a future communication network architecture which decouples network control and forwarding. It has some particular features such as central control and programmability to combat against DDoS attack. In this paper, we survey DDoS attacks and existing defense mechanisms, and draw a conclusion of the needs of defense mechanism for successful combating against DDoS. Then, we analyze the particular features of SDN and conclude it is conducive to countermeasure DDoS attack. According the analysis, we construct a defense mechanism for DDoS in SDN. At last, we illustrate how this mechanism could combat against DDoS attacks through a working example.
Author	Shibo Luo Jun Wu Jianhua Li Bei Pei
Author_xml	– sequence: 1 surname: Shibo Luo fullname: Shibo Luo email: luoshibo.pla@sjtu.edu.cn organization: Sch. of Electron. Inf. & Electr. Eng., Shanghai Jiao Tong Univ., Shanghai, China – sequence: 2 surname: Jun Wu fullname: Jun Wu email: junwuhn@sjtu.edu.cn organization: Sch. of Electron. Inf. & Electr. Eng., Shanghai Jiao Tong Univ., Shanghai, China – sequence: 3 surname: Jianhua Li fullname: Jianhua Li organization: Sch. of Electron. Inf. & Electr. Eng., Shanghai Jiao Tong Univ., Shanghai, China – sequence: 4 surname: Bei Pei fullname: Bei Pei organization: Key Lab. of Inf. Network Security, Minist. of Public Security, Shanghai, China
BookMark	eNotkMtKAzEYRiNUsNbu3LnJC0zNZXJbltZWoeqideGqZJI_GNpmJIkW394BXX0cOJzFd41GqU-A0C0lM0qJuV8ttrsZI1QMeIGmRmnaSsUNM4KN0JhRYRrJCb1C01JiR5hUUpBWjdH7HC8hQCqAn8F92BTLCYc-42UsNcfuq4IfjBTtEfcBbyF_Rwd4Xqt1BxwT3vahnm2GZsjENMgvUM99PpQbdBnsscD0fyfobfWwWzw2m9f102K-aSIjujYKvOcA1rXKB2KBa0U1cBCdDJ5Y3THmQVqnWulabmRnrROGCt5py7ymfILu_roRAPafOZ5s_tkrPjxgDP8FPXlUnQ
CODEN	IEEPAD
ContentType	Conference Proceeding
DBID	6IE 6IL CBEJK RIE RIL
DOI	10.1109/FCST.2015.11
DatabaseName	IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present
DatabaseTitleList
Database_xml	– sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher
DeliveryMethod	fulltext_linktorsrc
EISBN	9781467392952 1467392952 1467392944 9781467392945
EndPage	329
ExternalDocumentID	7314699
Genre	orig-research
GroupedDBID	6IE 6IF 6IH 6IK 6IL 6IM 6IN AAJGR AAWTH ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI OCL RIE RIL
ID	FETCH-LOGICAL-i208t-7edd3eeac47df0ae38718e3e5b6fd0a8b22de6ac746c4396baac59153b8a2d813
IEDL.DBID	RIE
ISSN	2159-6301
IngestDate	Wed Aug 27 02:51:32 EDT 2025
IsPeerReviewed	false
IsScholarly	false
Language	English
LinkModel	DirectLink
MergedId	FETCHMERGED-LOGICAL-i208t-7edd3eeac47df0ae38718e3e5b6fd0a8b22de6ac746c4396baac59153b8a2d813
PageCount	5
ParticipantIDs	ieee_primary_7314699
PublicationCentury	2000
PublicationDate	20150801
PublicationDateYYYYMMDD	2015-08-01
PublicationDate_xml	– month: 08 year: 2015 text: 20150801 day: 01
PublicationDecade	2010
PublicationTitle	International Conference on Frontier of Computer Science and Technology (Print)
PublicationTitleAbbrev	FCST
PublicationYear	2015
Publisher	IEEE
Publisher_xml	– name: IEEE
SSID	ssib026765047 ssj0003177943
Score	1.6358048
Snippet	Distributed Denial of Service (DDoS) attack is a major threat to Internet based killer applications, such as independent news web sites, e-business and online...
SourceID	ieee
SourceType	Publisher
StartPage	325
SubjectTerms	Central Control Computer crime Control systems Distributed Denial of Service Floods IP networks Ports (Computers) Programmability Protocols Software-Defined Networks
Title	A Defense Mechanism for Distributed Denial of Service Attack in Software-Defined Networks
URI	https://ieeexplore.ieee.org/document/7314699
hasFullText	1
inHoldings	1
isFullTextHit
isPrint
link	http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3Pa8IwFA7O007b0LHf5LDjUru2SZqj6EQGykAFd5L8eAWR1aGVwf76vbTVjbHDbiWEEPJe3_el_d57hNwjoorQZSFTBiRLQDmWWhBMmszyEBBjhU9wHo3FcJY8z_m8QR4OuTAAUIrPIPCP5b98t7Y7_6msI2N8r5U6IkfoZlWu1t53IiGRa9TU2EdhxEVZieYQ1BQT6MgH3bvqDHqTqdd18cC3DvrRV6WElcEJGe03VKlJVsGuMIH9_FWr8b87PiXt7wQ--nKApjPSgLxFXru0DxleW4GOwCf8LrdvFDkr7fviub7vFTickaNH0nVG6yhCu0Wh7YouczrBkP2hN8BwGSSnjo4rDfm2TWaDp2lvyOrOCmwZhWnBJDgXA8bcRKKdNMR4bUohBm5E5kKdmihyILSVibDIWITR2nKFwdGkOnLpY3xOmvk6hwtCcQAhzfIs5FGSCZyhcMXYcOck0pnwkrT8sSzeq-IZi_pErv4evibH3iqVwu6GNIvNDm4R9QtzV5r7C4Tequg
linkProvider	IEEE
linkToHtml	http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PS8MwFA5zHvSksom_zcGjqbVtkvY4NsfUdQjbYJ5Gk7zCGHaydQj-9b603RTx4K2EEELe6_u-tN97j5AbRFThmtRlkQLJAogMCzUIJlWquQuIscImOMcD0RsHTxM-qZHbbS4MABTiM3DsY_Ev3yz02n4qu5M-vtdRtEN2EfcDXmZrbbzHExLZRkWObRxGZJSlbA5hLWICXXmrfI_uuu3hyCq7uGObB_3orFIAS_eAxJstlXqSubPOlaM_f1Vr_O-eD0nzO4WPvmzB6YjUIGuQ1xbtQIoXV6Ax2JTf2eqNImulHVs-13a-AoMzMvRJukhpFUdoK88TPaezjA4xaH8kS2C4DNJTQwelinzVJOPuw6jdY1VvBTbz3DBnEozxAaNuINFSCfh4cQrBB65EatwkVJ5nQCRaBkIjZxEqSTSPMDyqMPFMeO8fk3q2yOCEUBxAUNM8dbkXpAJnRLiir7gxEgmNe0oa9lim72X5jGl1Imd_D1-Tvd4o7k_7j4Pnc7JvLVTq7S5IPV-u4RI5QK6uCtN_AanBrjU
openUrl	ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=International+Conference+on+Frontier+of+Computer+Science+and+Technology+%28Print%29&rft.atitle=A+Defense+Mechanism+for+Distributed+Denial+of+Service+Attack+in+Software-Defined+Networks&rft.au=Shibo+Luo&rft.au=Jun+Wu&rft.au=Jianhua+Li&rft.au=Bei+Pei&rft.date=2015-08-01&rft.pub=IEEE&rft.issn=2159-6301&rft.spage=325&rft.epage=329&rft_id=info:doi/10.1109%2FFCST.2015.11&rft.externalDocID=7314699
thumbnail_l	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2159-6301&client=summon
thumbnail_m	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2159-6301&client=summon
thumbnail_s	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2159-6301&client=summon