Loading…
A survey of link flooding attacks in software defined network ecosystems
Link Flooding Attacks (LFA) are a devastating type of stealthy denial of service attack that congests critical network links and can completely isolate the victim's network. In this work, we present a systematic survey of LFA patterns on all the layers of the Software Defined Network (SDN) ecos...
Saved in:
Published in: | Journal of network and computer applications 2020-12, Vol.172, p.102803, Article 102803 |
---|---|
Main Authors: | , , , , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Link Flooding Attacks (LFA) are a devastating type of stealthy denial of service attack that congests critical network links and can completely isolate the victim's network. In this work, we present a systematic survey of LFA patterns on all the layers of the Software Defined Network (SDN) ecosystem, along with a comparative analysis of mitigation techniques. The paper starts by examining different LFA types, techniques, and behaviors in wired and wireless SDNs. Next, an in-depth analysis of mitigation techniques is presented along with their suitability for each of the SDN variants. Subsequently, the significance of a pattern matching and machine learning-based detection and mitigation approaches as a defense against these attacks is highlighted. The paper also contributes by discussing the vulnerabilities of in-band SDNs against LFA when the interface of the data/control plane is attacked by saturating shared strategic links through stealth flows. |
---|---|
ISSN: | 1084-8045 1095-8592 |
DOI: | 10.1016/j.jnca.2020.102803 |