This study discusses the topic of defense against Denial-of-Service (DDoS) attacks with software-defined networking (SDN) solutions. As the increase in global DDoS attacks increases at an annual rate of 67%, it is causing enormous operational impairments, as well as financial perils to organizations. The SDN architectures augment the security on the applications and data planes with API-based programmability that makes it simpler to manage networks centrally and thwart cyberattacks with greater capacity than in the conventional networking models. It explains detection and mitigation strategies using threshold-based systems, Machine Learning (ML) techniques, and entropy-based statistical analysis methods. Research reveals how three significant DDoS cyberattacks have progressed since 2016, including the Mirai Botnet (1.2 Tbps) in 2016, the Amazon Web Services (AWS) attack (2.3 Tbps) in 2020, and the exceptional Google Cloud attack (398 million requests per second) in 2023. The primary types of mitigation options that can be kept in mind include: filtering-based techniques to filter and block out the traffic, rate-based techniques, access control services, and techniques to move around resources in order to redirect any suspicious traffic so as to analyze it further. Research indicates that implementing SDN programmable infrastructure with advanced ML models leads to detection successes of over 99%. The study enhances network resilience against evolving sophisticated DDoS threats in IoT-enabled networks.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

DDoS Attacks Mitigation Techniques and Analysis in Software-Defined Networks

  • Shalini Kumari,
  • Chander Prabha,
  • Mohammad Zubair Khan,
  • Ibrahim Aljubayri

摘要

This study discusses the topic of defense against Denial-of-Service (DDoS) attacks with software-defined networking (SDN) solutions. As the increase in global DDoS attacks increases at an annual rate of 67%, it is causing enormous operational impairments, as well as financial perils to organizations. The SDN architectures augment the security on the applications and data planes with API-based programmability that makes it simpler to manage networks centrally and thwart cyberattacks with greater capacity than in the conventional networking models. It explains detection and mitigation strategies using threshold-based systems, Machine Learning (ML) techniques, and entropy-based statistical analysis methods. Research reveals how three significant DDoS cyberattacks have progressed since 2016, including the Mirai Botnet (1.2 Tbps) in 2016, the Amazon Web Services (AWS) attack (2.3 Tbps) in 2020, and the exceptional Google Cloud attack (398 million requests per second) in 2023. The primary types of mitigation options that can be kept in mind include: filtering-based techniques to filter and block out the traffic, rate-based techniques, access control services, and techniques to move around resources in order to redirect any suspicious traffic so as to analyze it further. Research indicates that implementing SDN programmable infrastructure with advanced ML models leads to detection successes of over 99%. The study enhances network resilience against evolving sophisticated DDoS threats in IoT-enabled networks.