Loading…
Emerging DDoS attack detection and mitigation strategies in software-defined networks: Taxonomy, challenges and future directions
Software-defined networking (SDN) is a network paradigm that decouples control and data planes from network devices and places them into separate entities. In SDN, the controller is responsible for controlling the logic of the entire network while network switches become forwarding elements that fol...
Saved in:
Published in: | Journal of network and computer applications 2021-08, Vol.187, p.103093, Article 103093 |
---|---|
Main Authors: | , , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Software-defined networking (SDN) is a network paradigm that decouples control and data planes from network devices and places them into separate entities. In SDN, the controller is responsible for controlling the logic of the entire network while network switches become forwarding elements that follow rules to dispatch flows. There are, however, several limitations in such a paradigm, as compared to conventional networking. For example, the controller is sensitive to a broad range of attacks, including distributed denial of service (DDoS) attacks. In this paper, we provide a systematic survey of existing DDoS detection and mitigation strategies in SDN. Based on the review of articles published between 2013 and May 2020, we provide a taxonomy of DDoS detection strategies (e.g., statistical, SDN architecture, and machine learning) and emerging approaches (e.g., network function virtualization, blockchain, honeynet, network slicing, and moving target defense). We also discuss existing challenges associated with SDN security and the implementation of security solutions, prior to identifying future research opportunities.
•A taxonomy of cyberattack mitigation in software-defined networks.•Machine learning, blockchain, honeynet, statistical & SDN protocol specifications.•Application plane security challenges.•Control plane security challenges.•SDN research challenges associated with blockchain, machine learning, etc. |
---|---|
ISSN: | 1084-8045 1095-8592 |
DOI: | 10.1016/j.jnca.2021.103093 |