Table of Contents Author Guidelines Submit a Manuscript
Security and Communication Networks
Volume 2018, Article ID 9649643, 15 pages
https://doi.org/10.1155/2018/9649643
Research Article

OverWatch: A Cross-Plane DDoS Attack Defense Framework with Collaborative Intelligence in SDN

College of Computer, National University of Defense Technology, Changsha, China

Correspondence should be addressed to Xiangrui Yang; nc.ude.tdun@11iurgnaixgnay

Received 28 September 2017; Accepted 18 December 2017; Published 24 January 2018

Academic Editor: Chengchen Hu

Copyright © 2018 Biao Han et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. S. Yu, Y. Tian, S. Guo, and D. O. Wu, “Can we beat DDoS attacks in clouds?” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 9, pp. 2245–2254, 2014. View at Publisher · View at Google Scholar
  2. D. Bisson, “The 5 most significant ddos attacks of 2016,” https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/5-significant-ddos-attacks-2016/.
  3. D. Geneiatakis, G. Portokalidis, and A. D. Keromytis, “A multilayer overlay network architecture for enhancing IP services availability against DoS,” in Proceedings of the International Conference on Information Systems Security, vol. 7093, 2011.
  4. X. Liu, X. Yang, and Y. Lu, “To filter or to authorize: Network-layer DoS defense against multimillion-node botnets,” in Proceedings of the ACM SIGCOMM 2008 Conference on Data Communication, SIGCOMM'08, pp. 195–206, August 2008. View at Publisher · View at Google Scholar · View at Scopus
  5. P. Mittal, D. Kim, Y.-C. Hu, and M. Caesar, Mirage: Towards Deployable Ddos Defense for Web Applications, 2011.
  6. H. Wang, Q. Jia, D. Fleck, W. Powell, F. Li, and A. Stavrou, “A moving target DDoS defense mechanism,” Computer Communications, vol. 46, pp. 10–21, 2014. View at Publisher · View at Google Scholar · View at Scopus
  7. S. T. Zargar, J. Joshi, and D. Tipper, “A survey of defense mechanisms against distributed denial of service (DDOS) flooding attacks,” IEEE Communications Surveys & Tutorials, vol. 15, no. 4, pp. 2046–2069, 2013. View at Publisher · View at Google Scholar · View at Scopus
  8. R. Braga, E. Mota, and A. Passito, “Lightweight DDoS flooding attack detection using NOX/OpenFlow,” in Proceedings of the 35th Annual IEEE Conference on Local Computer Networks (LCN '10), pp. 408–415, Denver, Colo, USA, October 2010. View at Publisher · View at Google Scholar · View at Scopus
  9. Y. Xu and Y. Liu, “DDoS attack detection under SDN context,” in Proceedings of the 35th Annual IEEE International Conference on Computer Communications, IEEE INFOCOM 2016, pp. 1–9, April 2016. View at Publisher · View at Google Scholar · View at Scopus
  10. S. M. Mousavi and M. St-Hilaire, “Early detection of DDoS attacks against SDN controllers,” in Proceedings of the 2015 International Conference on Computing, Networking and Communications, ICNC 2015, pp. 77–81, February 2015. View at Publisher · View at Google Scholar · View at Scopus
  11. Y. Zhang, “An adaptive flow counting method for anomaly detection in SDN,” in Proceedings of the 2013 9th ACM International Conference on Emerging Networking Experiments and Technologies, CoNEXT 2013, pp. 25–30, December 2013. View at Publisher · View at Google Scholar · View at Scopus
  12. Y. Cui, L. Yan, S. Li et al., “SD-Anti-DDoS: Fast and efficient DDoS defense in software-defined networks,” Journal of Network and Computer Applications, vol. 68, pp. 65–79, 2016. View at Publisher · View at Google Scholar · View at Scopus
  13. S. Oueslati, J. Roberts, and N. Sbihi, “Flow-aware traffic control for a content-centric network,” in Proceedings of the IEEE Conference on Computer Communications, INFOCOM 2012, pp. 2417–2425, March 2012. View at Publisher · View at Google Scholar · View at Scopus
  14. S. R. Chowdhury, M. F. Bari, R. Ahmed, and R. Boutaba, “PayLess: A low cost network monitoring framework for software defined networks,” in Proceedings of the IEEE/IFIP Network Operations and Management Symposium: Management in a Software Defined World, NOMS 2014, pp. 1–9, May 2014. View at Publisher · View at Google Scholar · View at Scopus
  15. J. Seo, C. Lee, T. Shon, K.-H. Cho, and J. Moon, “A new DDoS detection model using multiple SVMs and TRA,” in Proceedings of the EUC Workshops, 2005.
  16. S. Shin, V. Yegneswaran, P. Porras, and G. Gu, “AVANT-GUARD: Scalable and vigilant switch flow management in software-defined networks,” in Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, pp. 413–424, November 2013. View at Publisher · View at Google Scholar · View at Scopus
  17. M. Ambrosin, M. Conti, F. De Gaspari, and R. Poovendran, “LineSwitch: Tackling Control Plane Saturation Attacks in Software-Defined Networking,” IEEE/ACM Transactions on Networking, vol. 25, no. 2, pp. 1206–1219, 2017. View at Publisher · View at Google Scholar · View at Scopus
  18. X. Yang, B. Han, Z. Sun, and J. Huang, “Sdn-based ddos attack detection with cross-plane collaboration and lightweight flow monitoring,” in Proceedings of the Global Communications Conference, 2017.
  19. A. Mahimkar, J. Dange, V. Shmatikov, H. M. Vin, and Y. Zhang, “dfence: Transparent network-based denial of service mitigation,” in Proceedings of the USENIX Symposium on Networked Systems Design and Implementation, 2007.
  20. B. Wang, Y. Zheng, W. Lou, and Y. T. Hou, “DDoS attack protection in the era of cloud computing and Software-Defined Networking,” Computer Networks, vol. 81, pp. 308–319, 2015. View at Publisher · View at Google Scholar · View at Scopus
  21. K. Kalkan, G. Gur, and F. Alagoz, “Defense Mechanisms against DDoS Attacks in SDN Environment,” IEEE Communications Magazine, vol. 55, no. 9, pp. 175–179, 2017. View at Publisher · View at Google Scholar
  22. M. Moshref, M. Yu, and R. Govindan, “Resource/accuracy tradeoffs in software-defined measurement,” in Proceedings of the 2013 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, HotSDN 2013, pp. 73–78, August 2013. View at Publisher · View at Google Scholar · View at Scopus
  23. P. Phaal, S. Panchen, and N. McKee, “InMon Corporation's sFlow: A Method for Monitoring Traffic in Switched and Routed Networks,” RFC Editor RFC3176, 2001. View at Publisher · View at Google Scholar
  24. M. Aslan and A. Matrawy, “On the impact of network state collection on the performance of SDN applications,” IEEE Communications Letters, vol. 20, no. 1, pp. 5–8, 2016. View at Publisher · View at Google Scholar · View at Scopus
  25. Z. Cai, Z. Wang, K. Zheng, and J. Cao, “A Distributed TCAM coprocessor architecture for integrated longest prefix matching, policy filtering, and content filtering,” IEEE Transactions on Computers, vol. 62, no. 3, pp. 417–427, 2013. View at Publisher · View at Google Scholar · View at Scopus
  26. S. Shin, P. A. Porras, V. Yegneswaran, M. W. Fong, G. Gu, and M. Tyson, “Fresco: Modular composable security services for software-defined networks,” in Proceedings of the Network and Distributed System Security, 2013.
  27. “Defense4all:tutorial,” https://wiki.opendaylight.org/view/Defense4All:Tutorial.
  28. J. Mao, B. Han, Z. Sun, X. Lu, and Z. Zhang, “Efficient mismatched packet buffer management with packet order-preserving for OpenFlow networks,” Computer Networks, vol. 110, pp. 91–103, 2016. View at Publisher · View at Google Scholar · View at Scopus
  29. L. Boero, M. Cello, C. Garibotto, M. Marchese, and M. Mongelli, “BeaQoS: Load balancing and deadline management of queues in an OpenFlow SDN switch,” Computer Networks, vol. 106, pp. 161–170, 2016. View at Publisher · View at Google Scholar · View at Scopus
  30. J. Sonchack, J. M. Smith, A. J. Aviv, and E. Keller, “Enabling practical software-defined networking security applications with ofx,” in Proceedings of the Network and Distributed System Security, vol. 16, pp. 1–15, 2016.
  31. D. D. Clark, C. Partridge, J. C. Ramming, and J. T. Wroclawski, “A knowledge plane for the internet,” in Proceedings of the 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pp. 3–10, ACM, 2003.
  32. O. S. S. Version, Openflow Switch Specification 1.5. 1 (Protocol Version 0x06), 2014.
  33. F. Tomonori, “Introduction to ryu sdn framework,” in Proceedings of the Open Networking Summit, April 2013.
  34. J. Schmidhuber, “Deep learning in neural networks: an overview,” Neural Networks, vol. 61, pp. 85–117, 2015. View at Publisher · View at Google Scholar · View at Scopus
  35. R. Gens and P. Domingos, “Deep symmetry networks,” in Proceedings of the 28th Annual Conference on Neural Information Processing Systems 2014, NIPS 2014, pp. 2537–2545, December 2014. View at Scopus
  36. L. Wang, Y. Zeng, and T. Chen, “Back propagation neural network with adaptive differential evolution algorithm for time series forecasting,” Expert Systems with Applications, vol. 42, no. 2, pp. 855–863, 2015. View at Publisher · View at Google Scholar · View at Scopus
  37. Y. Hideki, “Topology viewer,” https://github.com/osrg/ryu/blob/master/doc/source/gui.rst.
  38. S. Zhu, J. Bi, C. Sun, C. Wu, and H. Hu, “SDPA: Enhancing stateful forwarding for software-defined networking,” in Proceedings of the 23rd IEEE International Conference on Network Protocols, ICNP 2015, pp. 323–333, November 2015. View at Publisher · View at Google Scholar · View at Scopus
  39. D. Dittrich, The "Stacheldraht" Distributed Denial of Service Attack Tool, 1999.
  40. D. Intel, Data Plane Development Kit, 2015.