The Internet usage has increased rigorously in the modern scenario; cyber-attack such as DDoS attack is still the most
powerful attack that disrupts the genuine users from accessing the essential services. In application layer-based DDoS attack, attacker
uses other machine instead of using his own IP address to flood the targeted system and disrupts the services, that leads to server failure.
Most of the reputed enterprises are converting their networks to SDN (software defined networks) for cost efficiency and network
flexibility, but DDoS is one of the most launched attack on SDN layer. DDoS attack in this type of environment leads to system failure,
financial loss, data theft, and performance degradation. In our paper, extensive survey has been made to detect and prevent DDoS based
attack in application layer and SDN based environment. Finally, some of the important solutions are outlined. The solutions are
providing promising results based on various parameters.
Published In:IJCSN Journal Volume 9, Issue 2
Date of Publication : April 2020
Pages : 51-60
Figures :02
Tables : 02
Sharan A S :
is currently pursuing master's at B.M.S College of
Engineering, Banglore in Information Science department. I have
received my bachelor's degree in Computer Science and
Engineering in 2018. Got best paper award from international
conference of AICDMB, Mysuru in 2020. My research interests
lies in Artificial Intelligence, Machine learning, Image/Video
Processing and Network Security.
Radhika K R :
is a professor in B.M.S College of Engineering. She
has an experience of 23 years in teaching a wide area of subjects
in Information Science Department at BMSCE. She has 40+
publications in various reputed journal. She is a senior member of
IEEE. Her area of interests is network security, data mining, cloud
security and Biometrics.
Distributed Denial of Service, Detection, Prevention, SDN, Application Layer
In this paper, initially we discuss about the DDoS attack
and its effects. Then we have explored the famous DDoS
attacks that has taken place till date. At this point we
outline various types and strategies used by the attacker to
create application layer and SDN based DDoS attack. In
addition, we make an extensive survey on DDoS detection
using various methods in application layer and software
defined networking environment. We summaries all the
algorithms in a single table with parameters used to detect,
DDoS detection level and performance metrics used by
those algorithms. At last, we investigate the real time
problems created by attacker and try to prevent those
problems with proposed architecture. The proposed
architecture will avoid flow table overloading approach by
flow table sharing method in SDN. In application layer, we
detect the packet is genuine or not. If it is malicious and
from attacker, then we will terminate those packets. These
approaches will help us to resist the attacks.
[1] B. B. Gupta, S. Jain and P. Agrawal, "Svm based scheme
for predicting number of zombies in a ddos attack,"
Proceedings - 2011 European Intelligence and Security
Informatics Conference, EISIC Oct 2011, pp. 178- 182,
Oct 2011.
[2] S.-H. Kim, J.-H. Jun and H. Oh, "Ddos flooding attack
detection through a step-by-step investigation,"
Proceedings of the 2nd IEEE International Conference on
Networked Embedded Systems for Enterprise Applications,
pp. 1-5, 12 2011.
[3] L. Jia, "The research on ddos attack based on botnet,"
Advances in FCCS, Springer, pp. 325-330, Jan 2012.
[4] T. Karnwal, T. Sivakumar, and G. Aghila, "A comber
approach to protect cloud computing against xml ddos
and http ddos attack," IEEE, pp. 1-5, March 2012.
[5] L. Capretz, M. Mahmoud and A. Ouda, , "Cloud-based
ddos attacks and defenses," International Conference on
Information Society, i-Society 2013, pp. 67-71, Jan 2013.
[6] K. V. Rao and K. M. Prasad, "Discriminating ddos attack
traffic from flash crowd on internet threat monitor using
entropy variation," African journal of computing and ICT,
IEEE, pp. 53-62, June 2013.
[7] M. Rajarajan, S. Veluru, A. Healing and A. Olabelurin,
"Entropy clus- tering approach for improving forecasting
in ddos attacks," ICNSC 2015- 2015 IEEE 12th
International Conference on Networking, Sensing and
Control, 04 2015.
[8] Q. Yan, J. Li, F. R. Yu and Q. Gong, "Software-defined
networking (sdn) and distributed denial of service (ddos)
attacks in cloud computing environments: A survey, some
research issues, and challenges," IEEE Communications
Surveys Tutorials, vol. 18, pp. 602-622, Jan 2016.
[9] Rakshitha. M and Ashwini. B P, "A survey on detection
and mitigation of zombie attacks in cloud environment,"
2016, 2nd International Conference on Applied and
Theoretical Computing and Communication Technology
(iCATccT), Bangalore, pp. 764-769, Jan 2016.
[10] T. Gairola and K. Singh, "A review on dos and ddos
attacks in cloud environment and security solutions,"
International Journal of Computer Science and Mobile
Computing, vol. 5, pp. 136-141, July 2016.
[11] A. Sahi, D. Lai, Y. Li, and M. Diykh, "An efficient ddos
tcp flood attack detection and prevention system in a
cloud environment," IEEE Access, vol. 5, pp. 6036 -
6048, March 2017.
[12] Q. Wang, Z. Zhao, and H. Zhang, "Ddos defense
mechanism based on software defined network," 9th
IEEE International Conference on Com- munication
Software and Networks, pp. 1122-1127, May 2017.
[13] V. Kansal and M. Dave, "Proactive ddos attack detection
and isolation," 2017 International Conference on
Computer, Communications and Elec- tronics, pp. 334-
338, July 2017.
[14] D. Gautam and V. Tokekar, "An approach to analyze the
impact of ddos attack on mobile cloud computing," IEEE,
International Conference on information communication,
Instumentation and control, pp. 1-6, Aug 2017.
[15] J. Jiao, Y. Benjun, Y. Zhao, R. Stones, G. Wang, X. Liu,
S. Wang, and G. Xie, "Detecting tcp-based ddos attacks
in baidu cloud computing data centers," IEEE 36th
Symposium on Reliable Distributed System, pp. 256-
258, Sept 2017.
[16] M. Haque, S. Ali, S. Tan, Z. Yusoff, C. Lee, I. Kaspin,
and S. Ziri, "Mo- tivation of ddos attack-aware in
software defined networking controller placement,"
International Conference on Computer and Applications,
pp. 36-42, Sept 2017.
[17] D. Hyun, J. Kim, D. Hong, and J. Jeong, "Sdn-based
network security functions for effective ddos attack
mitigation," 2017 International Conference on
Information and Communication Technology
Convergence (ICTC), pp. 834-839, Oct 2017.
[18] L. Zhou and H. Guo, "Applying nfv/sdn in mitigating
ddos attacks," IEEE Region 10 Conference (TENCON),
Malaysia, pp. 2061-2066, Nov 2017.
[19] M. Myint Oo, S. Kamolphiwong, and T. Kamolphiwong,
"The design of sdn based detection for distributed denial
of service (ddos) attack," pp. 258-263, Nov 2017.
[20] C. Wang, T. Miu, X. Luo, and J. Wang, "Skyshield: A
sketch-based defense system against application layer
ddos attacks," IEEE Transactions on Information
Forensics and Security, vol. 13, pp. 1-1, March 2018.
[21] Arivudainambi D, Varun K A, and S. Chakkaravarthy,
"Lion ids: A meta-heuristics approach to detect ddos
attacks against software-defined networks," Neural
Computing and Applications, Springer, March 2018.
[22] K. Hong, Y. Kim, H. Choi, and J. Park, "Sdn-assisted
slow http ddos attack defense method," IEEE
Communications Letters, vol. PP, pp. 1-1, April 2018.
[23] K. Bhushan and B. B. Gupta, "Distributed denial of
service (ddos) attack mitigation in software defined
network (sdn)-based cloud computing en- vironment,"
Journal of Ambient Intelligence and Humanized
Computing, Springer, vol. 10, April 2018.
[24] Y. Yu, L. Guo, Y. Liu, J. Zheng, and Y. Zong, "An
efficient sdn-based ddos attack detection and rapid
response platform in vehicular networks," IEEE Access,
vol. 6, pp. 44 570-44 579, July 2018.
[25] T. V. Phan and M. Park, "Efficient distributed denial-ofservice
attack defense in sdn-based cloud," IEEE Access,
vol. 7, pp. 18 701-18 714, Sept 2019.
[26] A. Sangodoyin, B. Modu, I. Awan, and J. Pagna Disso,
"An approach to detecting distributed denial of service
attacks in software defined networks," 2018 IEEE 6th International Conference on Future Internet of Things and
Cloud (FiCloud), pp. 436-443, Aug 2018.
[27] G. Jaideep and B. Battula, "Detection of spoofed and
non-spoofed ddos attacks and discriminating them from
flash crowds," EURASIP Journal on Information Security,
Springer, vol. 2018, Dec 2018.
[28] H. Maziku, S. Shetty, and D. Nicol, "Security risk
assessment for sdn- enabled smart grids, elsevier,"
Computer Communications, vol. 133, Dec 2018.
[29] A. Bhardwaj, A. Sharma, V. Mangat, K. Saluja, and R.
Vig, "Experimental analysis of ddos attacks on openstack
cloud platform," Lecture Notes in Networks and Systems,
pp. 3-13, jan 2019.
[30] A. Serrano, Z. Pervez, Q. Wang, and J. Alcaraz-Calero,
"Towards the detection of mobile ddos attacks in 5g
multi-tenant networks," IEEE 2019 European Conference
on Networks and Communications (EuCNC), pp. 273-
277, june 2019.
[31] S. Dong, R. Jain, and K. Abbas, "A survey on distributed
denial of service (ddos) attacks in sdn and cloud
computing environments," IEEE Access, vol. PP, pp. 80
813-80 828, june 2019.
[32] A. Alsirhani, S. Sampalli, and P. Bodorik, "Ddos
detection system: Using a set of classification algorithms
controlled by fuzzy logic system in apache spark," IEEE
Transactions on Network and Service Management, pp.
936- 949, July 2019.