A comprehensive survey of DDoS defense solutions in SDN: Taxonomy, research challenges, and future directions. Issue 110 (November 2021)
- Record Type:
- Journal Article
- Title:
- A comprehensive survey of DDoS defense solutions in SDN: Taxonomy, research challenges, and future directions. Issue 110 (November 2021)
- Main Title:
- A comprehensive survey of DDoS defense solutions in SDN: Taxonomy, research challenges, and future directions
- Authors:
- Kaur, Sukhveer
Kumar, Krishan
Aggarwal, Naveen
Singh, Gurdeep - Abstract:
- Highlights: Identified high quality research articles in the field of SDN-aimed DDoS attacks using a systematic literature review protocol. Revealed vulnerable points exploited by the attacker to launch DDoS attacks on SDN architecture so that root cause of the problem can be identified. Presented the taxonomy of DDoS defense solutions that classified the reviewed articles based on the attack targets, DDoS defense approaches, testing environment, and traffic generation mechanism. Performed critical analysis of existing literature based on attack targets and highlighted key research challenges in the SDN paradigm. Abstract: The recent emergence of technologies such as Network Functions Virtualization (NFV), Intent based Networking, Internet of Things (IoT), 5G, and Cloud Computing have led to the rapid growth of networks. The inflexibility and vendor-specific nature of traditional network devices are unable to fulfill the requirements of modern data centers. Software-Defined Networking (SDN) has captured data center space due to its innovative features viz. vendor neutrality, programmability, and centralized management. However, SDN is also facing various security threats due to weaknesses in its inherent architecture. This article has attempted to identify various vulnerable points in the SDN framework and has classified the SDN-aimed DDoS attacks based on their impacts. This article presents a systematic literature review on various DDoS defense mechanisms to protect theHighlights: Identified high quality research articles in the field of SDN-aimed DDoS attacks using a systematic literature review protocol. Revealed vulnerable points exploited by the attacker to launch DDoS attacks on SDN architecture so that root cause of the problem can be identified. Presented the taxonomy of DDoS defense solutions that classified the reviewed articles based on the attack targets, DDoS defense approaches, testing environment, and traffic generation mechanism. Performed critical analysis of existing literature based on attack targets and highlighted key research challenges in the SDN paradigm. Abstract: The recent emergence of technologies such as Network Functions Virtualization (NFV), Intent based Networking, Internet of Things (IoT), 5G, and Cloud Computing have led to the rapid growth of networks. The inflexibility and vendor-specific nature of traditional network devices are unable to fulfill the requirements of modern data centers. Software-Defined Networking (SDN) has captured data center space due to its innovative features viz. vendor neutrality, programmability, and centralized management. However, SDN is also facing various security threats due to weaknesses in its inherent architecture. This article has attempted to identify various vulnerable points in the SDN framework and has classified the SDN-aimed DDoS attacks based on their impacts. This article presents a systematic literature review on various DDoS defense mechanisms to protect the control plane, data plane, and data-control plane communication channel. In this study, a well-defined methodology is used to select the high-quality research articles of DDoS defense mechanisms in the SDN framework. Among numerous articles published in the last few years, the authors have selected 75 articles with the highest impact factor and citation. Moreover, we present the taxonomy of DDoS defense solutions that classify the reviewed articles based on the attack targets, DDoS defense approaches, testing environment, and traffic generation mechanism. Finally, we identified the research gaps and highlighted various research challenges for future research. This study is intended to serve as a ready reference for the research community to develop more efficient and reliable DDoS defense solutions in the SDN networks. … (more)
- Is Part Of:
- Computers & security. Issue 110(2021)
- Journal:
- Computers & security
- Issue:
- Issue 110(2021)
- Issue Display:
- Volume 110, Issue 110 (2021)
- Year:
- 2021
- Volume:
- 110
- Issue:
- 110
- Issue Sort Value:
- 2021-0110-0110-0000
- Page Start:
- Page End:
- Publication Date:
- 2021-11
- Subjects:
- Software-defined networking -- OpenFlow -- Distributed denial of service attack -- Data plane -- Control plane -- Security
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2021.102423 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 23819.xml