Manara - Qatar Research Repository
Browse
- No file added yet -

DoS and DDoS attacks in Software Defined Networks: A survey of existing solutions and research challenges

Download (1.02 MB)
journal contribution
submitted on 2024-09-05, 07:47 and posted on 2024-09-05, 07:48 authored by Lubna Fayez Eliyan, Roberto Di Pietro

Software Defined Networking (SDN) is a new networking paradigm where forwarding hardware is decoupled from control decisions. It promises to dramatically simplify network management and enable innovation and evolution. In SDN, network intelligence is logically centralized in software-based controllers (the control plane), while network devices (OpenFlow Switches) become simple packet-forwarding devices (the data plane) that can be programmed via an open interface (OpenFlow protocol). Such decoupling of the control plane from the data plane introduces various challenges that include security, reliability, load balancing, and traffic engineering. Dreadful security challenges in SDNs are denial of service (DoS) and distributed denial of service (DDoS) attacks. For instance, in SDNs, DoS/DDoS attacks could flood the control plane, the data plane, or the communication channel. Attacking the control plane could result in failure of the entire network, while attacking the data plane or the communication channel results in packet drop and network unavailability. In this paper we deliver several contributions that shed light on the field of DoS/DDoS attacks in SDNs, providing a complete background about the area, including attacks and analysis of the existing solutions. In particular, our contributions can be summarized as follow: we review and systematize the state-of-the-art solutions that address both DoS and DDoS attacks in SDNs through the lenses of intrinsic and extrinsic approaches. Moreover, the discussed countermeasures are organized accordingly to their focus, be it on detection, mitigation, prevention, or graceful degradation. Further, we survey the different approaches and tools adopted to implement the revised solutions. Finally, we also highlight possible future research directions to address DoS/DDoS attacks in SDNs.

Other Information

Published in: Future Generation Computer Systems
License: http://creativecommons.org/licenses/by-nc-nd/4.0/
See article on publisher's website: https://dx.doi.org/10.1016/j.future.2021.03.011

Funding

Open Access funding provided by the Qatar National Library.

History

Language

  • English

Publisher

Elsevier

Publication Year

  • 2021

License statement

This Item is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Institution affiliated with

  • Hamad Bin Khalifa University
  • College of Science and Engineering - HBKU

Usage metrics

    College of Science and Engineering - HBKU

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC