An Efficient DDoS Detection with Bloom Filter in SDN

Distributed Denial of Service (DDoS) attacks are becoming one of the major threats in the distributed data center networks which are loosely connected. Recent work has found new ways to attack network link instead of network servers. However, existing methods have limitations when detecting the link attacks, particularly in data store. To address this issue, in this paper, we propose an attack detection system that can deal with the link flooding attacks. Our method is based on Bloom Filter and Software-Defined Networking (SDN). We propose a real-time link attack detection system and define a two-module detection framework to detect the attacks. Then we apply our strategy in SDN. Extensive experiments on different settings have been performed, showing that our method is good at detecting the link flooding attack with high detection rates and low overhead.

[1]  Zhiyang Li,et al.  Detecting DDoS attacks against data center with correlation analysis , 2015, Comput. Commun..

[2]  Vyas Sekar,et al.  SPIFFY: Inducing Cost-Detectability Tradeoffs for Persistent Link-Flooding Attacks , 2016, NDSS.

[3]  Tuomas Aura,et al.  Denial-of-Service Attacks in Bloom-Filter-Based Forwarding , 2014, IEEE/ACM Transactions on Networking.

[4]  Adrian Perrig,et al.  The Coremelt Attack , 2009, ESORICS.

[5]  Song Guo,et al.  Can We Beat DDoS Attacks in Clouds? , 2014, IEEE Transactions on Parallel and Distributed Systems.

[6]  H. Kim,et al.  A SDN-oriented DDoS blocking scheme for botnet-based attacks , 2014, 2014 Sixth International Conference on Ubiquitous and Future Networks (ICUFN).

[7]  Kijoon Chae,et al.  Multi-defense Mechanism against DDoS in SDN Based CDNi , 2014, 2014 Eighth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.

[8]  Virgil D. Gligor,et al.  CoDef: collaborative defense against large-scale link-flooding attacks , 2013, CoNEXT.

[9]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[10]  Liang Chang,et al.  Bloom filter-based workflow management to enable QoS guarantee in wireless sensor networks , 2014, J. Netw. Comput. Appl..

[11]  Xiangjian He,et al.  A System for Denial-of-Service Attack Detection Based on Multivariate Correlation Analysis , 2014, IEEE Transactions on Parallel and Distributed Systems.

[12]  Jugal K. Kalita,et al.  Network Anomaly Detection: Methods, Systems and Tools , 2014, IEEE Communications Surveys & Tutorials.

[13]  F. Richard Yu,et al.  Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges , 2016, IEEE Communications Surveys & Tutorials.

[14]  Ying Lu,et al.  Topic-Sensitive Multi-document Summarization Algorithm , 2014, 2014 Sixth International Symposium on Parallel Architectures, Algorithms and Programming.

[15]  Vasilios Katos,et al.  Real time DDoS detection using fuzzy estimators , 2012, Comput. Secur..

[16]  Thierry Turletti,et al.  A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks , 2014, IEEE Communications Surveys & Tutorials.

[17]  Huang Chen,et al.  Design of IP Traceback System based on Generalized Bloom Filter , 2014 .

[18]  A. Kalwar,et al.  Low-Rate and High-Rate Distributed DoS Attack Detection Using Partial Rank Correlation , 2015, 2015 Fifth International Conference on Communication Systems and Network Technologies.

[19]  Ying Lu,et al.  Topic-Sensitive Multi-document Summarization Algorithm , 2014, PAAP.

[20]  Virgil D. Gligor,et al.  The Crossfire Attack , 2013, 2013 IEEE Symposium on Security and Privacy.

[21]  Jan Vykopal,et al.  Future of DDoS Attacks Mitigation in Software Defined Networks , 2014, AIMS.

[22]  Nick Feamster,et al.  The road to SDN: an intellectual history of programmable networks , 2014, CCRV.

[23]  Zhiyang Li,et al.  Efficient subspace skyline query based on user preference using MapReduce , 2015, Ad Hoc Networks.

[24]  Yao Zheng,et al.  DDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking , 2014, 2014 IEEE 22nd International Conference on Network Protocols.