基于信息论的软件定义网络控制器DDoS攻击检测方法综述

Pub Date : 2021-04-22 DOI:10.46300/9109.2021.15.9
M. Aladaileh, Mohammed Anbar, I. Hasbullah, Yousef K. Sanjalawe
{"title":"基于信息论的软件定义网络控制器DDoS攻击检测方法综述","authors":"M. Aladaileh, Mohammed Anbar, I. Hasbullah, Yousef K. Sanjalawe","doi":"10.46300/9109.2021.15.9","DOIUrl":null,"url":null,"abstract":"The number of network users and devices has exponentially increased in the last few decades, giving rise to sophisticated security threats while processing users’ and devices’ network data. Software-Defined Networking (SDN) introduces many new features, but none is more revolutionary than separating the control plane from the data plane. The separation helps DDoS attack detection mechanisms by introducing novel features and functionalities. Since the controller is the most critical part of the SDN network, its ability to control and monitor network traffic flow behavior ensures the network functions properly and smoothly. However, the controller’s importance to the SDN network makes it an attractive target for attackers. Distributed Denial of Service (DDoS) attack is one of the major threats to network security. This paper presents a comprehensive review of information theory-based approaches to detect low-rate and high-rate DDoS attacks on SDN controllers. Additionally, this paper provides a qualitative comparison between this work and the existing reviews on DDoS attack detection approaches using various metrics to highlight this work’s uniqueness. Moreover, this paper provides in-depth discussion and insight into the existing DDoS attack detection approaches to point out their weaknesses that open the avenue for future research directions. Meanwhile, the finding of this paper can be used by other researchers to propose a new or enhanced approach to protect SDN controllers from the threats of DDoS attacks by accurately detecting both low-rate and high-rate DDoS attacks.","PeriodicalId":0,"journal":{"name":"","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2021-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Information Theory-based Approaches to Detect DDoS Attacks on Software-defined Networking Controller a Review\",\"authors\":\"M. Aladaileh, Mohammed Anbar, I. Hasbullah, Yousef K. Sanjalawe\",\"doi\":\"10.46300/9109.2021.15.9\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The number of network users and devices has exponentially increased in the last few decades, giving rise to sophisticated security threats while processing users’ and devices’ network data. Software-Defined Networking (SDN) introduces many new features, but none is more revolutionary than separating the control plane from the data plane. The separation helps DDoS attack detection mechanisms by introducing novel features and functionalities. Since the controller is the most critical part of the SDN network, its ability to control and monitor network traffic flow behavior ensures the network functions properly and smoothly. However, the controller’s importance to the SDN network makes it an attractive target for attackers. Distributed Denial of Service (DDoS) attack is one of the major threats to network security. This paper presents a comprehensive review of information theory-based approaches to detect low-rate and high-rate DDoS attacks on SDN controllers. Additionally, this paper provides a qualitative comparison between this work and the existing reviews on DDoS attack detection approaches using various metrics to highlight this work’s uniqueness. Moreover, this paper provides in-depth discussion and insight into the existing DDoS attack detection approaches to point out their weaknesses that open the avenue for future research directions. Meanwhile, the finding of this paper can be used by other researchers to propose a new or enhanced approach to protect SDN controllers from the threats of DDoS attacks by accurately detecting both low-rate and high-rate DDoS attacks.\",\"PeriodicalId\":0,\"journal\":{\"name\":\"\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0,\"publicationDate\":\"2021-04-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.46300/9109.2021.15.9\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.46300/9109.2021.15.9","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

摘要

在过去几十年中,网络用户和设备的数量呈指数级增长,在处理用户和设备网络数据的同时,引发了复杂的安全威胁。软件定义网络(SDN)引入了许多新功能,但最具革命性的莫过于将控制平面与数据平面分离。这种分离通过引入新的特性和功能来帮助DDoS攻击检测机制。由于控制器是SDN网络中最关键的部分,其控制和监控网络流量行为的能力确保了网络的正常平稳运行。然而,控制器对SDN网络的重要性使其成为攻击者的一个有吸引力的目标。分布式拒绝服务(DDoS)攻击是网络安全的主要威胁之一。本文全面回顾了基于信息论的方法来检测SDN控制器上的低速率和高速率DDoS攻击。此外,本文还对这项工作与现有的DDoS攻击检测方法进行了定性比较,使用了各种指标来强调这项工作的独特性。此外,本文对现有的DDoS攻击检测方法进行了深入的讨论和洞察,指出了它们的弱点,为未来的研究方向开辟了道路。同时,本文的发现可供其他研究人员使用,通过准确检测低速率和高速率DDoS攻击,提出一种新的或增强的方法来保护SDN控制器免受DDoS攻击的威胁。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
Information Theory-based Approaches to Detect DDoS Attacks on Software-defined Networking Controller a Review
The number of network users and devices has exponentially increased in the last few decades, giving rise to sophisticated security threats while processing users’ and devices’ network data. Software-Defined Networking (SDN) introduces many new features, but none is more revolutionary than separating the control plane from the data plane. The separation helps DDoS attack detection mechanisms by introducing novel features and functionalities. Since the controller is the most critical part of the SDN network, its ability to control and monitor network traffic flow behavior ensures the network functions properly and smoothly. However, the controller’s importance to the SDN network makes it an attractive target for attackers. Distributed Denial of Service (DDoS) attack is one of the major threats to network security. This paper presents a comprehensive review of information theory-based approaches to detect low-rate and high-rate DDoS attacks on SDN controllers. Additionally, this paper provides a qualitative comparison between this work and the existing reviews on DDoS attack detection approaches using various metrics to highlight this work’s uniqueness. Moreover, this paper provides in-depth discussion and insight into the existing DDoS attack detection approaches to point out their weaknesses that open the avenue for future research directions. Meanwhile, the finding of this paper can be used by other researchers to propose a new or enhanced approach to protect SDN controllers from the threats of DDoS attacks by accurately detecting both low-rate and high-rate DDoS attacks.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1