Mitigation strategies for distributed denial of service (DDoS) in SDN: A survey and taxonomy

Abstract

ABSTRACT Software-defined network (SDN) plays a dominant role in meeting today’s business requirements with its ingrained features like programmability, agility, and central management. Although, distributed denial-of-service (DDoS) attacks can threaten the flexibility and availability of resources in SDN. In recent years, attackers participate actively to abuse the network elements with extensive efforts. With that, efforts have been put parallelly to defend against DDoS attacks by the researchers too. This survey performed on DDoS attack mitigation strategies in the SDN environment. As a result of this work, the mitigation taxonomy has evolved. The taxonomy of SDN DDoS mitigation strategies is categorized into four: Application plane, Control plane, Data plane, and Communication interfaces. An in-depth review of existing literature on mitigating DDoS in SDN encapsulated. This article sheds light on the nuts and bolts, strengths and limitations of mitigation strategies in SDN environment to support research and security domains.