SDN-based network security functions for effective DDoS attack mitigation
| Autor: | Jaehoon Jeong, Jinyoug Kim, Dongjin Hong, Daeyoung Hyun |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
NETCONF
Source code Network packet Computer science Network security business.industry computer.internet_protocol media_common.quotation_subject 020206 networking & telecommunications Denial-of-service attack 02 engineering and technology Computer security computer.software_genre Telecommunications network Server 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing business Software-defined networking computer media_common |
| Zdroj: | ICTC |
| DOI: | 10.1109/ictc.2017.8190794 |
| Popis: | Distributed Denial of Service (DDoS) attack has been bringing serious security concerns on banks, finance incorporation, public institutions, and data centers. Also, the emerging wave of Internet of Things (IoT) raises new concerns on the smart devices. Software Defined Networking (SDN) and Network Functions Virtualization (NFV) have provided a new paradigm for network security. In this paper, we propose a new method to efficiently prevent DDoS attacks, based on a SDN/NFV framework. To resolve the problem that normal packets are blocked due to the inspection on suspicious packets, we developed a threshold-based method that provides a client with an efficient, fast DDoS attack mitigation. In addition, we use open source code to develop the security functions in order to implement our solution for SDN-based network security functions. The source code is based on NETCONF protocol [1] and YANG Data Model [2]. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|