DDoS Attacks Mitigation Techniques and Analysis in Software-Defined Networks
摘要
This study discusses the topic of defense against Denial-of-Service (DDoS) attacks with software-defined networking (SDN) solutions. As the increase in global DDoS attacks increases at an annual rate of 67%, it is causing enormous operational impairments, as well as financial perils to organizations. The SDN architectures augment the security on the applications and data planes with API-based programmability that makes it simpler to manage networks centrally and thwart cyberattacks with greater capacity than in the conventional networking models. It explains detection and mitigation strategies using threshold-based systems, Machine Learning (ML) techniques, and entropy-based statistical analysis methods. Research reveals how three significant DDoS cyberattacks have progressed since 2016, including the Mirai Botnet (1.2 Tbps) in 2016, the Amazon Web Services (AWS) attack (2.3 Tbps) in 2020, and the exceptional Google Cloud attack (398 million requests per second) in 2023. The primary types of mitigation options that can be kept in mind include: filtering-based techniques to filter and block out the traffic, rate-based techniques, access control services, and techniques to move around resources in order to redirect any suspicious traffic so as to analyze it further. Research indicates that implementing SDN programmable infrastructure with advanced ML models leads to detection successes of over 99%. The study enhances network resilience against evolving sophisticated DDoS threats in IoT-enabled networks.