DDoS attacks & defense mechanisms in SDN-enabled cloud: Taxonomy, review and research challenges

IF 13.3 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Computer Science Review Pub Date : 2024-06-04 DOI:10.1016/j.cosrev.2024.100644

Jasmeen Kaur Chahal , Abhinav Bhandari , Sunny Behal

{"title":"DDoS attacks & defense mechanisms in SDN-enabled cloud: Taxonomy, review and research challenges","authors":"Jasmeen Kaur Chahal , Abhinav Bhandari , Sunny Behal","doi":"10.1016/j.cosrev.2024.100644","DOIUrl":null,"url":null,"abstract":"<div><p>Software-defined Networking (SDN) is a transformative approach for addressing the limitations of legacy networks due to decoupling of control planes from data planes. It offers increased programmability and flexibility for designing of cloud-based data centers. SDN-Enabled cloud data centers help in managing the huge traffic very effectively and efficiently. However, the security of SDN-Enabled Cloud data centers against different attacks is a key concern for cloud security professionals. Distributed Denial of Service Attacks have emerged as one of the most devastating attacks that constantly worried the entire cloud security research community. To prelude this, it is pertinent to fundamentally focus on classification of these attacks and their defence strategies in an effective way which has been the basis of this research paper. The aim of this paper is to formulate and conceptualize the taxonomies of DDoS attacks and its Défense mechanisms. Improved taxonomy of DDoS attacks highlights the various vulnerable points of vulnerability in SDN-enabled cloud architecture. Additionally, a taxonomy of defence mechanisms offers an extensive survey of recent techniques for detecting and mitigating DDoS attacks in the SDN-enabled cloud environment. Finally, we discuss the open research issues and challenges for the cloud security research community for carrying out future research and investigation.</p></div>","PeriodicalId":48633,"journal":{"name":"Computer Science Review","volume":"53 ","pages":"Article 100644"},"PeriodicalIF":13.3000,"publicationDate":"2024-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science Review","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1574013724000285","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Software-defined Networking (SDN) is a transformative approach for addressing the limitations of legacy networks due to decoupling of control planes from data planes. It offers increased programmability and flexibility for designing of cloud-based data centers. SDN-Enabled cloud data centers help in managing the huge traffic very effectively and efficiently. However, the security of SDN-Enabled Cloud data centers against different attacks is a key concern for cloud security professionals. Distributed Denial of Service Attacks have emerged as one of the most devastating attacks that constantly worried the entire cloud security research community. To prelude this, it is pertinent to fundamentally focus on classification of these attacks and their defence strategies in an effective way which has been the basis of this research paper. The aim of this paper is to formulate and conceptualize the taxonomies of DDoS attacks and its Défense mechanisms. Improved taxonomy of DDoS attacks highlights the various vulnerable points of vulnerability in SDN-enabled cloud architecture. Additionally, a taxonomy of defence mechanisms offers an extensive survey of recent techniques for detecting and mitigating DDoS attacks in the SDN-enabled cloud environment. Finally, we discuss the open research issues and challenges for the cloud security research community for carrying out future research and investigation.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

支持 SDN 的云中的 DDoS 攻击和防御机制：分类、回顾与研究挑战

软件定义网络（Software-defined Networking，SDN）是一种变革性方法，可解决传统网络因控制平面与数据平面解耦而产生的局限性。它为设计基于云的数据中心提供了更高的可编程性和灵活性。支持 SDN 的云数据中心有助于高效管理巨大的流量。然而，SDN-Enabled 云数据中心针对不同攻击的安全性是云安全专业人员关注的一个关键问题。分布式拒绝服务攻击是最具破坏性的攻击之一，一直困扰着整个云安全研究界。在此之前，有必要从根本上关注这些攻击的分类及其有效的防御策略，这也是本研究论文的基础。本文旨在对 DDoS 攻击及其防御机制进行分类和概念化。改进后的 DDoS 攻击分类法强调了启用 SDN 的云架构中的各种易受攻击点。此外，防御机制分类法还提供了在支持 SDN 的云环境中检测和缓解 DDoS 攻击的最新技术的广泛调查。最后，我们讨论了云安全研究界在开展未来研究和调查方面面临的公开研究课题和挑战。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Computer Science Review Computer Science-General Computer Science

CiteScore

32.70

自引率

0.00%

发文量

审稿时长

51 days

期刊介绍： Computer Science Review, a publication dedicated to research surveys and expository overviews of open problems in computer science, targets a broad audience within the field seeking comprehensive insights into the latest developments. The journal welcomes articles from various fields as long as their content impacts the advancement of computer science. In particular, articles that review the application of well-known Computer Science methods to other areas are in scope only if these articles advance the fundamental understanding of those methods.