Applying NFV/SDN in mitigating DDoS attacks

Applying NFV/SDN in mitigating DDoS attacks
Applying NFV/SDN in mitigating DDoS attacks
Other Titles:
IEEE Region 10 Conference, TENCON 2017
Publication Date:
05 November 2017
L. Zhou and H. Guo, "Applying NFV/SDN in mitigating DDoS attacks," TENCON 2017 - 2017 IEEE Region 10 Conference, Penang, Malaysia, 2017, pp. 2061-2066. doi: 10.1109/TENCON.2017.8228200
Distributed Denial of Service (DDoS) is a widely employed attacking scheme over network that interrupts services by creating network congestion, draining server resources, or disabling normal functions of network components. An attacker launches the DDoS attack from a large number of compromised while geographically distributed devices by sending low rate seemly legitimate traffic that disturbs server’s service, or high rate large volume traffic that overwhelms victim’s processing capacity. DDoS attack mitigating approaches that apply pre-established defending strategy, functionality or capacity, and guard at fixed locations are costly and not effective either. Network Function Virtualization (NFV) supports the flexibility in on-demand function instantiation and allocation, and recently finds its applications in handling DDoS attacks. This paper proposes a NFV and Software-Defined Networking (SDN) enabled DDoS mitigation framework. In the framework, network traffic is monitored and analyzed utilizing the SDN features of central control and global network view, and the detection of anomaly traffic will trigger the actions of corresponding countermeasure computation, defending resources virtualization, instantiation, deployment and interconnection. The paper presents an application example of the proposed framework in protecting an industrial control system, and shows its effectiveness in mitigating DDoS attacks in the control system.
License type:
Funding Info:
Files uploaded:

File Size Format Action
tencon2017-1570373962.pdf 379.01 KB PDF Open