Advanced search
Start date
Betweenand

SecureSDN -- mitigating DDoS attacks in software defined networks

Abstract

Software Defined Networks (SDN) is a powerful paradigm that allows administrators to have a global view of the network and configure data flows using central controllers without the need to manually configure switches. As all new technologies, SDN can be used to mitigate known attacks, but it also has vulnerabilities that can be exploited. This project is interested in mitigating Distributed Denial of Service (DDoS) Attacks in SDN networks.DDoS attacks remain a great threat to the Internet. The recent years have witnessed an increasing variety on the types and increasing sizes of DDoS attacks. New attacks, called Application-Layer DDoS (AppDDoS), exploit application layer protocols (HTTP and SIP) instead of transport layer protocols (ICMP, UDP, TCP). Amplification Attacks (AmpDDoS) exploit the networking infrastructure (e.g, NTP servers) to carry out huge volume attacks (in the order of Gpbs). Finally, SDN-DDoS attacks have exploited SDN vulnerabilities to carry out new attacks in SDN.In this project, we will extend to SDN our methods for mitigating low-rate AppDDoS based on selective strategies developed in the scope of the project GT-ACTIONS together with our partner the RNP. Exploiting the fact that SDNs have a global view of the network, we can mitigate High-Rate AppDDoS attacks and AmpDDoS. On the other hand, by using selective strategies, we can mitigate SDN-DDoS that exploit SDN vulnerabilities such as Rule Inundation Attack. SecureSDN will propose, model, implement, simulate and validate in SDNs defenses using selective strategies. (AU)

Articles published in Agência FAPESP Newsletter about the research grant:
More itemsLess items
Articles published in other media outlets ( ):
More itemsLess items
VEICULO: TITULO (DATA)
VEICULO: TITULO (DATA)

Scientific publications
(References retrieved automatically from Web of Science and SciELO through information on FAPESP grants and their corresponding numbers as mentioned in the publications by the authors)
PASCOAL, TULIO A.; FONSECA, IGUATEMI E.; NIGAM, VIVEK. Slow denial-of-service attacks on software defined networks. Computer Networks, v. 173, . (15/24516-1)
DOS SANTOS, AELLISON CASSIMIRO T.; SCHNEIDER, BEN; NIGAM, VIVEK; BARRETT, C; YANG, J. TSNSCHED: Automated Schedule Generation for Time Sensitive Networking. 2019 FORMAL METHODS IN COMPUTER AIDED DESIGN (FMCAD), v. N/A, p. 9-pg., . (15/24516-1)

Please report errors in scientific publications list using this form.
X

Report errors in this page


Error details: