The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
As redes definidas por software (SDN) emergiram rapidamente como uma nova tecnologia promissora para redes futuras e ganharam atenção considerável tanto da academia quanto da indústria. No entanto, devido à separação entre o plano de controle e o plano de dados, o controlador SDN pode facilmente tornar-se alvo de ataques de negação de serviço (DoS). Para mitigar ataques DoS em redes OpenFlow, nossa solução, MinDoS, contém duas técnicas/módulos principais: o módulo de detecção DoS simplificado e os votos de gerente de prioridade. A arquitetura proposta envia solicitações para múltiplas filas de buffer com diferentes prioridades e então agenda o processamento dessas solicitações de fluxo para garantir melhor proteção do controlador. Os resultados mostram que o MinDoS é eficaz e adiciona apenas uma pequena sobrecarga a toda a infraestrutura SDN/OpenFlow.
Tao WANG
National Digital Switching System Engineering and Technological Research Center
Hongchang CHEN
National Digital Switching System Engineering and Technological Research Center
Chao QI
National Digital Switching System Engineering and Technological Research Center
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copiar
Tao WANG, Hongchang CHEN, Chao QI, "MinDoS: A Priority-Based SDN Safe-Guard Architecture for DoS Attacks" in IEICE TRANSACTIONS on Information,
vol. E101-D, no. 10, pp. 2458-2464, October 2018, doi: 10.1587/transinf.2017EDP7419.
Abstract: Software-defined networking (SDN) has rapidly emerged as a promising new technology for future networks and gained considerable attention from both academia and industry. However, due to the separation between the control plane and the data plane, the SDN controller can easily become the target of denial-of service (DoS) attacks. To mitigate DoS attacks in OpenFlow networks, our solution, MinDoS, contains two key techniques/modules: the simplified DoS detection module and the priority manager. The proposed architecture sends requests into multiple buffer queues with different priorities and then schedules the processing of these flow requests to ensure better controller protection. The results show that MinDoS is effective and adds only minor overhead to the entire SDN/OpenFlow infrastructure.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2017EDP7419/_p
Copiar
@ARTICLE{e101-d_10_2458,
author={Tao WANG, Hongchang CHEN, Chao QI, },
journal={IEICE TRANSACTIONS on Information},
title={MinDoS: A Priority-Based SDN Safe-Guard Architecture for DoS Attacks},
year={2018},
volume={E101-D},
number={10},
pages={2458-2464},
abstract={Software-defined networking (SDN) has rapidly emerged as a promising new technology for future networks and gained considerable attention from both academia and industry. However, due to the separation between the control plane and the data plane, the SDN controller can easily become the target of denial-of service (DoS) attacks. To mitigate DoS attacks in OpenFlow networks, our solution, MinDoS, contains two key techniques/modules: the simplified DoS detection module and the priority manager. The proposed architecture sends requests into multiple buffer queues with different priorities and then schedules the processing of these flow requests to ensure better controller protection. The results show that MinDoS is effective and adds only minor overhead to the entire SDN/OpenFlow infrastructure.},
keywords={},
doi={10.1587/transinf.2017EDP7419},
ISSN={1745-1361},
month={October},}
Copiar
TY - JOUR
TI - MinDoS: A Priority-Based SDN Safe-Guard Architecture for DoS Attacks
T2 - IEICE TRANSACTIONS on Information
SP - 2458
EP - 2464
AU - Tao WANG
AU - Hongchang CHEN
AU - Chao QI
PY - 2018
DO - 10.1587/transinf.2017EDP7419
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E101-D
IS - 10
JA - IEICE TRANSACTIONS on Information
Y1 - October 2018
AB - Software-defined networking (SDN) has rapidly emerged as a promising new technology for future networks and gained considerable attention from both academia and industry. However, due to the separation between the control plane and the data plane, the SDN controller can easily become the target of denial-of service (DoS) attacks. To mitigate DoS attacks in OpenFlow networks, our solution, MinDoS, contains two key techniques/modules: the simplified DoS detection module and the priority manager. The proposed architecture sends requests into multiple buffer queues with different priorities and then schedules the processing of these flow requests to ensure better controller protection. The results show that MinDoS is effective and adds only minor overhead to the entire SDN/OpenFlow infrastructure.
ER -