In this poster, we propose leveraging intercontroller communication between two or more controllers in Software Defined Networks (SDNs) to inform other controllers about potential attacks so that they can proactively apply a mitigation strategy. We demonstrate and measure the effectiveness of our method by running a series of tests in an emulated network. We analyze our test results in terms of reducing...
In this paper, we propose a hardware-based defense system in Software-Defined Networking architecture to protect against HTTP GET Flooding attacks, one of the most dangerous Distributed Denial of Service (DDoS) attacks in recent years. Our defense system utilizes a per-URL counting mechanism and has been implemented on FPGA as an extension of a NetFPGA-based OpenFlow switch.
In this paper, we introduce an SDN (Software Defined Network) based DDoS (Distributed Denial of Service) defense mechanism. Our mechanism employs SDN's flexibility to redirect packets. The traffic between clients and servers is relayed by a group of dynamic proxy node switches. After several shuffles, our mechanism can mitigate DDoS attacks as well as quarantine attackers. The simulation results confirm...
In this paper, we propose a scheme to protect the Software Defined Network (SDN) controller from Distributed Denial-of-Service (DDoS) attacks. We first predict the amount of new requests for each OpenFlow switch periodically based on Taylor series, and the requests will then be directed to the security gateway if the prediction value is beyond the threshold. The requests that caused the dramatic decrease...
Software-Defined Networking (SDN) emerges as a recent paradigm that grants a holistic network visibility and flexible network programmability, facilitating rapid innovation of protocol and services. Although SDN provides greater control over traffic flow than ever before, it also introduced new challenges and issues to be addressed with its management. In that light, the security and reliability of...
Software-Defined Networking (SDN) has become a promising network architecture in which network devices are controlled by an SDN controller. Employing SDN offers an attractive solution for network security. However, attack prediction and prevention, especially for Distributed Denial of Service (DDoS) attacks, is a challenge in SDN environments. This paper analyzes the characteristics of traffic flows...
In a Software Defined Network, the controller is highly vulnerable to flooding attacks. By injecting spoofed request packets continuously, attackers impose a burdensome process on the controller, cause bandwidth occupation in the controller-switch channel, and overload the flow table in the switch. The final target of attackers is to downgrade or even shut down the stability and quality of service of the network...
Software Defined Networking (SDN) is a promising step towards the future network. But it still has some issues regarding security. One of the security issues is the augmented impact of Denial of Service (DoS) attacks. In this paper, we create an application on top of the Beacon controller to mitigate DoS attacks in OpenFlow networks. The attacks include IP/MAC Spoofing and Bulky/Garbage...
We introduce IP Fast Hopping, an easily deployable network-layer software solution against DDoS attacks. Our approach enhances the server's SDN environment by providing an easy way for SDN controllers to protect servers against DDoS attacks and traffic interception by hiding these servers behind a set of physical network switches.
Autonomic management capabilities of the Future Internet can be provided through a recently proposed service architecture called NetServ. It consists of the interconnection of programmable nodes which enable dynamic deployment and execution of network and application services. This paper shows how this architecture can be further improved by introducing the OpenFlow architecture and implementing the...
The Address Resolution Protocol (ARP) is used by computers to map logical addresses (IP) to physical addresses (MAC). However, ARP is an all-trusting protocol and is stateless, which makes it vulnerable to many ARP cache poisoning attacks such as Man-in-the-Middle (MITM) and Denial of Service (DoS) attacks. These flaws result in security breaches, thus weakening the appeal of the host for exchange of...
Most single-packet IP traceback approaches that have been proposed demand that routers log packet digests for traceback, which leads to linear growth of the storage overhead as the number of forwarded packets increases. This paper proposes a novel single-packet IP traceback approach based on the routing path to alleviate the burden on routers. Our approach introduces the relevant theories of label...
DNS has been suffering from cache poisoning attacks for a long time. The attacker sends a camouflaged DNS response to trick the domain name server, and inserts a malicious resource record into the cached database. Because the original DNS protocol only depends on a 16-bit transaction ID to verify the response packet, it is prone to be guessed by the attacker. Although many strategies such as transaction...
Automatically learned filter tables are used in many network security mechanisms to validate packets. Building a filter item for each IP address in access networks can prevent IP spoofing at fine granularity but may consume a large amount of filter table space, which is limited due to the expensive storage, usually TCAM for high-speed access. It is an urgent problem to use the filter table effectively and...
Distributed denial-of-service (DDoS) attacks became one of the main Internet security problems over the last decade, threatening public web servers in particular. Although the DDoS mechanism is widely understood, its detection is a very hard task because of the similarities between normal traffic and useless packets, sent by compromised hosts to their victims. This work presents a lightweight method...
This paper will discuss how evildoers use communication technology to commit crimes, including the crime facts and crime techniques. The analysis will focus on the security of Internet phones, and will organize a prevention method for Internet phone call attacks and the points of attention when setting up an Internet phone. At the same time, the importance of digital evidence and digital forensics will...
The address resolution protocol (ARP) is used by computers to map network addresses (IP) to physical addresses (MAC). The protocol has proved to work well under regular circumstances, but it was not designed to cope with malicious hosts. By performing ARP cache poisoning or ARP spoofing attacks, an intruder can impersonate another host (man-in-the-middle attack) and gain access to sensitive information...
In this article, we proposed an intrusion prevention system, named cumulative-sum-based intrusion prevention system (CSIPS), which detects malicious behaviors, attacks and distributed attacks launched against remote clients and local hosts based on the cumulative sum (CUSUM) algorithm. Experimental results show that CSIPSs in a united defense environment can achieve a higher security level for the environment.
Identifying weak points of network systems and protecting them (before attackers or hackers detect and use our data to attack our systems) are regarded as essential security methods, especially on LAN systems which use the ARP protocol, whose holes enable hackers to conduct ARP spoofing and sniff packets on the LAN. Regarding Web sites with membership systems such as e-commerce Web sites and...