Title :
A SDN-oriented DDoS blocking scheme for botnet-based attacks
Author :
Lim, Sharon ; Ha, Jung-Ik ; Kim, Heonhwan ; Kim, Youngjae ; Yang, Songping
Author_Institution :
Sch. of Inf., Korea Univ., Seoul, South Korea
Abstract :
DDoS attacks mounted by botnets today target a specific service, mobilizing only a small amount of legitimate-looking traffic to compromise the server. Detecting or blocking such clever attacks by only using anomalous traffic statistics has become difficult, and devising countermeasures has been mostly left to the victim server. In this paper, we investigate how a software-defined network (SDN) can be utilized to overcome the difficulty and effectively block legitimate looking DDoS attacks mounted by a larger number of bots. Specifically, we discuss a DDoS blocking application that runs over the SDN controller while using the standard OpenFlow interface.
Keywords :
client-server systems; computer network security; invasive software; protocols; telecommunication traffic; SDN controller; SDN-oriented DDoS attack blocking scheme; attack blocking; attack detection; botnet-based attacks; clever attacks; distributed denial-of-service attack; software-defined network; standard OpenFlow interface; victim server; Computer crime; Control systems; Emulation; IP networks; Ports (Computers); Servers; Standards; DDoS; POX; SDN; blocking; botnet;
Conference_Titel :
Ubiquitous and Future Networks (ICUFN), 2014 Sixth International Conf on
Conference_Location :
Shanghai
DOI :
10.1109/ICUFN.2014.6876752
