Summary
|
For Full-Text PDF, please login, if you are a member of IEICE, or go to Pay Per View on menu list, if you are a nonmember of IEICE. |
|
MinDoS: A Priority-Based SDN Safe-Guard Architecture for DoS Attacks Tao WANG Hongchang CHEN Chao QI Publication IEICE TRANSACTIONS on Information and Systems Vol.E101-D No.10 pp.2458-2464 Publication Date: 2018/10/01 Publicized: 2018/05/02 Online ISSN: 1745-1361 DOI: 10.1587/transinf.2017EDP7419 Type of Manuscript: PAPER Category: Information Network Keyword: software-defined networking, denial-of-service attack, priority queue, round-robin scheme, Full Text: PDF(1.6MB)>>
Summary: Software-defined networking (SDN) has rapidly emerged as a promising new technology for future networks and gained considerable attention from both academia and industry. However, due to the separation between the control plane and the data plane, the SDN controller can easily become the target of denial-of service (DoS) attacks. To mitigate DoS attacks in OpenFlow networks, our solution, MinDoS, contains two key techniques/modules: the simplified DoS detection module and the priority manager. The proposed architecture sends requests into multiple buffer queues with different priorities and then schedules the processing of these flow requests to ensure better controller protection. The results show that MinDoS is effective and adds only minor overhead to the entire SDN/OpenFlow infrastructure. | ||||||||||
| ||||||||||