{"title":"SDN中DDoS的检测与缓解","authors":"Bhavika Pande, G. Bhagat, S. Priya, H. Agrawal","doi":"10.1109/IC3.2018.8530551","DOIUrl":null,"url":null,"abstract":"The authors have modelled a DDoS prevention mechanism for DDoS attacks occurring in same or different domains, with help of controller in Software Defined Networking. The controllers are implemented using Ryu and Open Flow protocol. The topology for our framework consisting of controllers, switches and hosts is implemented using Mininet which emulates the network effectively. Controllers are programmed to identify victims and attackers and apply defense mechanism accordingly. The defense mechanisms used are ingress, egress and pushback after validating packet legitimacy. Ingress filtering is applied if the attacker is found to be in the same domain while egress followed by ingress is applied when the attacker is found to be of the other domain, after receiving a pushback request. The model proves to give fairly accurate results.","PeriodicalId":118388,"journal":{"name":"2018 Eleventh International Conference on Contemporary Computing (IC3)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Detection and Mitigation of DDoS in SDN\",\"authors\":\"Bhavika Pande, G. Bhagat, S. Priya, H. Agrawal\",\"doi\":\"10.1109/IC3.2018.8530551\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The authors have modelled a DDoS prevention mechanism for DDoS attacks occurring in same or different domains, with help of controller in Software Defined Networking. The controllers are implemented using Ryu and Open Flow protocol. The topology for our framework consisting of controllers, switches and hosts is implemented using Mininet which emulates the network effectively. Controllers are programmed to identify victims and attackers and apply defense mechanism accordingly. The defense mechanisms used are ingress, egress and pushback after validating packet legitimacy. Ingress filtering is applied if the attacker is found to be in the same domain while egress followed by ingress is applied when the attacker is found to be of the other domain, after receiving a pushback request. The model proves to give fairly accurate results.\",\"PeriodicalId\":118388,\"journal\":{\"name\":\"2018 Eleventh International Conference on Contemporary Computing (IC3)\",\"volume\":\"17 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 Eleventh International Conference on Contemporary Computing (IC3)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IC3.2018.8530551\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 Eleventh International Conference on Contemporary Computing (IC3)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IC3.2018.8530551","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The authors have modelled a DDoS prevention mechanism for DDoS attacks occurring in same or different domains, with help of controller in Software Defined Networking. The controllers are implemented using Ryu and Open Flow protocol. The topology for our framework consisting of controllers, switches and hosts is implemented using Mininet which emulates the network effectively. Controllers are programmed to identify victims and attackers and apply defense mechanism accordingly. The defense mechanisms used are ingress, egress and pushback after validating packet legitimacy. Ingress filtering is applied if the attacker is found to be in the same domain while egress followed by ingress is applied when the attacker is found to be of the other domain, after receiving a pushback request. The model proves to give fairly accurate results.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
