个人信息Personal Information
教授
博士生导师
硕士生导师
主要任职:Dean of School of Software
性别:男
毕业院校:哈尔滨工程大学
学位:博士
所在单位:软件学院、国际信息与软件学院
学科:软件工程. 计算机应用技术
联系方式:wgwdut@dlut.edu.cn
电子邮箱:wgwdut@dlut.edu.cn
FMD: A DoS mitigation scheme based on flow migration in software-defined networking
点击次数:
论文类型:期刊论文
发表时间:2018-06-01
发表刊物:INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS
收录刊物:SCIE
卷号:31
期号:9
ISSN号:1074-5351
关键字:attack mitigation; denial of service attack; OpenFlow; software-defined networking
摘要:Software-defined networking (SDN) emerges as the next generation of networking architecture, aiming to improve the network manageability and adaptability. However, because of the centralized control policy, SDN is liable to suffering from the denial of service attack in both the data plane and the control plane. To resist the attack and prevent the network from being paralyzed, we propose a novel mitigation scheme named flow migration defense, which uses a slave controller as a substitution to endure flooding requests mitigated from the master controller. Considering the special case that the normal requests may be regarded as the malicious ones, these requests are reforwarded back to the master controller on the basis of the round-robin scheduling. To prevent the master controller from being flooded by the reforwarded requests, we design the adaptive rate adjustment method to adjust the reforwarding rate. Compared with multilevel feedback queue and FloodDefender, simulations demonstrate that flow migration defense can mitigate the SDN-aimed denial of service attack efficiently with a better performance in terms of request response time, packet loss rate, and mitigation time.