location: Current position: Home >> Scientific Research >> Paper Publications

FMD: A DoS mitigation scheme based on flow migration in software-defined networking

Hits:

Indexed by:期刊论文

Date of Publication:2018-06-01

Journal:INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS

Included Journals:SCIE

Volume:31

Issue:9

ISSN No.:1074-5351

Key Words:attack mitigation; denial of service attack; OpenFlow; software-defined networking

Abstract:Software-defined networking (SDN) emerges as the next generation of networking architecture, aiming to improve the network manageability and adaptability. However, because of the centralized control policy, SDN is liable to suffering from the denial of service attack in both the data plane and the control plane. To resist the attack and prevent the network from being paralyzed, we propose a novel mitigation scheme named flow migration defense, which uses a slave controller as a substitution to endure flooding requests mitigated from the master controller. Considering the special case that the normal requests may be regarded as the malicious ones, these requests are reforwarded back to the master controller on the basis of the round-robin scheduling. To prevent the master controller from being flooded by the reforwarded requests, we design the adaptive rate adjustment method to adjust the reforwarding rate. Compared with multilevel feedback queue and FloodDefender, simulations demonstrate that flow migration defense can mitigate the SDN-aimed denial of service attack efficiently with a better performance in terms of request response time, packet loss rate, and mitigation time.

Pre One:Learning Automata-Based Data Aggregation Tree Construction Framework for Cyber-Physical Systems

Next One:Broadcast tree construction framework in tactile internet via dynamic algorithm