SDN Based Collaborative Scheme for Mitigation of DDoS Attacks
AbstractSoftware Defined Networking (SDN) has proved itself to be a backbone in the new network design and is quickly becoming an industry standard. The idea of separation of control plane and data plane is the key concept behind SDN. SDN not only allows us to program and monitor our networks but it also helps in mitigating some key network problems. Distributed denial of service (DDoS) attack is among them. In this paper we propose a collaborative DDoS attack mitigation scheme using SDN. We design a secure controller-to-controller (C-to-C) protocol that allows SDN-controllers lying in different autonomous systems (AS) to securely communicate and transfer attack information with each other. This enables efficient notification along the path of an ongoing attack and effective filtering of traffic near the source of attack, thus saving valuable time and network resources. We also introduced three different deployment approaches i.e., linear, central and mesh in our testbed. Based on the experimental results we demonstrate that our SDN based collaborative scheme is fast and reliable in efficiently mitigating DDoS attacks in real time with very small computational footprints. View Full-Text
Share & Cite This Article
Hameed, S.; Ahmed Khan, H. SDN Based Collaborative Scheme for Mitigation of DDoS Attacks. Future Internet 2018, 10, 23.
Hameed S, Ahmed Khan H. SDN Based Collaborative Scheme for Mitigation of DDoS Attacks. Future Internet. 2018; 10(3):23.Chicago/Turabian Style
Hameed, Sufian; Ahmed Khan, Hassan. 2018. "SDN Based Collaborative Scheme for Mitigation of DDoS Attacks." Future Internet 10, no. 3: 23.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.