DDoS attacks & defense mechanisms in SDN-enabled cloud: Taxonomy, review and research challenges

IF 13.3 1区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Jasmeen Kaur Chahal , Abhinav Bhandari , Sunny Behal
{"title":"DDoS attacks & defense mechanisms in SDN-enabled cloud: Taxonomy, review and research challenges","authors":"Jasmeen Kaur Chahal ,&nbsp;Abhinav Bhandari ,&nbsp;Sunny Behal","doi":"10.1016/j.cosrev.2024.100644","DOIUrl":null,"url":null,"abstract":"<div><p>Software-defined Networking (SDN) is a transformative approach for addressing the limitations of legacy networks due to decoupling of control planes from data planes. It offers increased programmability and flexibility for designing of cloud-based data centers. SDN-Enabled cloud data centers help in managing the huge traffic very effectively and efficiently. However, the security of SDN-Enabled Cloud data centers against different attacks is a key concern for cloud security professionals. Distributed Denial of Service Attacks have emerged as one of the most devastating attacks that constantly worried the entire cloud security research community. To prelude this, it is pertinent to fundamentally focus on classification of these attacks and their defence strategies in an effective way which has been the basis of this research paper. The aim of this paper is to formulate and conceptualize the taxonomies of DDoS attacks and its Défense mechanisms. Improved taxonomy of DDoS attacks highlights the various vulnerable points of vulnerability in SDN-enabled cloud architecture. Additionally, a taxonomy of defence mechanisms offers an extensive survey of recent techniques for detecting and mitigating DDoS attacks in the SDN-enabled cloud environment. Finally, we discuss the open research issues and challenges for the cloud security research community for carrying out future research and investigation.</p></div>","PeriodicalId":48633,"journal":{"name":"Computer Science Review","volume":"53 ","pages":"Article 100644"},"PeriodicalIF":13.3000,"publicationDate":"2024-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science Review","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1574013724000285","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Software-defined Networking (SDN) is a transformative approach for addressing the limitations of legacy networks due to decoupling of control planes from data planes. It offers increased programmability and flexibility for designing of cloud-based data centers. SDN-Enabled cloud data centers help in managing the huge traffic very effectively and efficiently. However, the security of SDN-Enabled Cloud data centers against different attacks is a key concern for cloud security professionals. Distributed Denial of Service Attacks have emerged as one of the most devastating attacks that constantly worried the entire cloud security research community. To prelude this, it is pertinent to fundamentally focus on classification of these attacks and their defence strategies in an effective way which has been the basis of this research paper. The aim of this paper is to formulate and conceptualize the taxonomies of DDoS attacks and its Défense mechanisms. Improved taxonomy of DDoS attacks highlights the various vulnerable points of vulnerability in SDN-enabled cloud architecture. Additionally, a taxonomy of defence mechanisms offers an extensive survey of recent techniques for detecting and mitigating DDoS attacks in the SDN-enabled cloud environment. Finally, we discuss the open research issues and challenges for the cloud security research community for carrying out future research and investigation.

支持 SDN 的云中的 DDoS 攻击和防御机制:分类、回顾与研究挑战
软件定义网络(Software-defined Networking,SDN)是一种变革性方法,可解决传统网络因控制平面与数据平面解耦而产生的局限性。它为设计基于云的数据中心提供了更高的可编程性和灵活性。支持 SDN 的云数据中心有助于高效管理巨大的流量。然而,SDN-Enabled 云数据中心针对不同攻击的安全性是云安全专业人员关注的一个关键问题。分布式拒绝服务攻击是最具破坏性的攻击之一,一直困扰着整个云安全研究界。在此之前,有必要从根本上关注这些攻击的分类及其有效的防御策略,这也是本研究论文的基础。本文旨在对 DDoS 攻击及其防御机制进行分类和概念化。改进后的 DDoS 攻击分类法强调了启用 SDN 的云架构中的各种易受攻击点。此外,防御机制分类法还提供了在支持 SDN 的云环境中检测和缓解 DDoS 攻击的最新技术的广泛调查。最后,我们讨论了云安全研究界在开展未来研究和调查方面面临的公开研究课题和挑战。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Computer Science Review
Computer Science Review Computer Science-General Computer Science
CiteScore
32.70
自引率
0.00%
发文量
26
审稿时长
51 days
期刊介绍: Computer Science Review, a publication dedicated to research surveys and expository overviews of open problems in computer science, targets a broad audience within the field seeking comprehensive insights into the latest developments. The journal welcomes articles from various fields as long as their content impacts the advancement of computer science. In particular, articles that review the application of well-known Computer Science methods to other areas are in scope only if these articles advance the fundamental understanding of those methods.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信