A survey on DDoS attacks: Router-based threats and defense mechanism in real-world data centers

Distributed Denial of Service (DDoS) attacks always remain problematic for the security of Data centers, malicious codes are injected to weaker the network and acquire unauthorized access. As protection the firewalls are initial line of defense to battle with unauthorized access, and help to the flawless transactions. Conventional firewalls rely on predefined policies to control, and policies rely on assumptions and notions. These firewalls are not so much intelligent to take run-time decision by their own at the last minute required. However if the hacker continuously stroke any port of firewall, it will hang-up and slowdown for responding, moreover chance to access the servers and entire network. This survey based on state of the art in data centers, especially DDoS challenges in DCNs, the paper based on some learning processes, which will focus to evaluate and analyse the complexity of secure connections in real-world data centers.

[1]  Benoit Hudzia,et al.  Security Framework for P2P Based Grid Systems , 2006, 2006 Fifth International Symposium on Parallel and Distributed Computing.

[2]  Guangxue Yue,et al.  DDoS Detection System Based on Data Mining , 2010 .

[3]  Albert Y. Zomaya,et al.  Quantitative comparisons of the state‐of‐the‐art data center architectures , 2013, Concurr. Comput. Pract. Exp..

[4]  David Walker,et al.  A compiler and run-time system for network programming languages , 2012, POPL '12.

[5]  James R. Knight,et al.  Genome sequencing in microfabricated high-density picolitre reactors , 2005, Nature.

[6]  David Walker,et al.  Frenetic: a network programming language , 2011, ICFP.

[7]  J. Rexford,et al.  Logic Programming for Software-Defined Networks , 2012 .

[8]  Naixue Xiong,et al.  VMPlanner: Optimizing virtual machine placement and traffic flow routing to reduce network power costs in cloud data centers , 2013, Comput. Networks.

[9]  Fernando M. V. Ramos,et al.  Towards secure and dependable software-defined networks , 2013, HotSDN '13.

[10]  Amin Vahdat,et al.  PortLand: a scalable fault-tolerant layer 2 data center network fabric , 2009, SIGCOMM '09.

[11]  Konstantina Papagiannaki,et al.  c-Through: part-time optics in data centers , 2010, SIGCOMM 2010.

[12]  Amin Vahdat,et al.  Helios: a hybrid electrical/optical switch architecture for modular data centers , 2010, SIGCOMM '10.

[13]  J S Kharat,et al.  A VIVACIOUS APPROACH TO DETECT AND PREVENT DDoS ATTACK , 2013 .

[14]  Antonio Colella,et al.  Amplification DDoS Attacks: Emerging Threats and Defense Strategies , 2014, CD-ARES.

[15]  Cole Schlesinger,et al.  Splendid isolation: a slice abstraction for software-defined networks , 2012, HotSDN '12.

[16]  David Walker,et al.  Languages for software-defined networks , 2013, IEEE Communications Magazine.

[17]  Yonghong Chen,et al.  DDoS Detection Algorithm Based on Preprocessing Network Traffic Predicted Method and Chaos Theory , 2013, IEEE Communications Letters.

[18]  J. Koomey Worldwide electricity used in data centers , 2008 .

[19]  David Walker,et al.  Abstractions for network update , 2012, SIGCOMM '12.

[20]  Arjun Guha,et al.  Machine-verified network controllers , 2013, PLDI.

[21]  Mabry Tyson,et al.  FRESCO: Modular Composable Security Services for Software-Defined Networks , 2013, NDSS.

[22]  Vinod Yegneswaran,et al.  AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks , 2013, CCS.

[23]  Geert Deconinck,et al.  Analyzing well-known countermeasures against distributed denial of service attacks , 2012, Comput. Commun..

[24]  Benoit Hudzia,et al.  Entity Based Peer-to-Peer in a Data Grid Environment , 2006, ArXiv.

[25]  Lei Shi,et al.  Dcell: a scalable and fault-tolerant network structure for data centers , 2008, SIGCOMM '08.

[26]  Richard Froom,et al.  Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide , 2010 .

[27]  Andrew B. Whinston,et al.  Defeating distributed denial of service attacks , 2000 .

[28]  Haitao Wu,et al.  BCube: a high performance, server-centric network architecture for modular data centers , 2009, SIGCOMM '09.

[29]  Mabry Tyson,et al.  A security enforcement kernel for OpenFlow networks , 2012, HotSDN '12.

[30]  Paul Smith,et al.  OpenFlow: A security analysis , 2013, 2013 21st IEEE International Conference on Network Protocols (ICNP).

[31]  Yang Yu,et al.  Dynamic Load Balancing Multipathing in Data Center Ethernet , 2010, 2010 IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems.

[32]  David Walker,et al.  Composing Software Defined Networks , 2013, NSDI.