A Survey of DDoS Attacks in Application Layer and SDN Based Environments

Abstract
Authors
Keywords
Conclusion
References

The Internet usage has increased rigorously in the modern scenario; cyber-attack such as DDoS attack is still the most powerful attack that disrupts the genuine users from accessing the essential services. In application layer-based DDoS attack, attacker uses other machine instead of using his own IP address to flood the targeted system and disrupts the services, that leads to server failure. Most of the reputed enterprises are converting their networks to SDN (software defined networks) for cost efficiency and network flexibility, but DDoS is one of the most launched attack on SDN layer. DDoS attack in this type of environment leads to system failure, financial loss, data theft, and performance degradation. In our paper, extensive survey has been made to detect and prevent DDoS based attack in application layer and SDN based environment. Finally, some of the important solutions are outlined. The solutions are providing promising results based on various parameters.

Published In : IJCSN Journal Volume 9, Issue 2

Date of Publication : April 2020

Pages : 51-60

Figures :02

Tables : 02

Sharan A S : is currently pursuing master's at B.M.S College of Engineering, Banglore in Information Science department. I have received my bachelor's degree in Computer Science and Engineering in 2018. Got best paper award from international conference of AICDMB, Mysuru in 2020. My research interests lies in Artificial Intelligence, Machine learning, Image/Video Processing and Network Security.

Radhika K R : is a professor in B.M.S College of Engineering. She has an experience of 23 years in teaching a wide area of subjects in Information Science Department at BMSCE. She has 40+ publications in various reputed journal. She is a senior member of IEEE. Her area of interests is network security, data mining, cloud security and Biometrics.

Distributed Denial of Service, Detection, Prevention, SDN, Application Layer

In this paper, initially we discuss about the DDoS attack and its effects. Then we have explored the famous DDoS attacks that has taken place till date. At this point we outline various types and strategies used by the attacker to create application layer and SDN based DDoS attack. In addition, we make an extensive survey on DDoS detection using various methods in application layer and software defined networking environment. We summaries all the algorithms in a single table with parameters used to detect, DDoS detection level and performance metrics used by those algorithms. At last, we investigate the real time problems created by attacker and try to prevent those problems with proposed architecture. The proposed architecture will avoid flow table overloading approach by flow table sharing method in SDN. In application layer, we detect the packet is genuine or not. If it is malicious and from attacker, then we will terminate those packets. These approaches will help us to resist the attacks.

[1] B. B. Gupta, S. Jain and P. Agrawal, "Svm based scheme for predicting number of zombies in a ddos attack," Proceedings - 2011 European Intelligence and Security Informatics Conference, EISIC Oct 2011, pp. 178- 182, Oct 2011. [2] S.-H. Kim, J.-H. Jun and H. Oh, "Ddos flooding attack detection through a step-by-step investigation," Proceedings of the 2nd IEEE International Conference on Networked Embedded Systems for Enterprise Applications, pp. 1-5, 12 2011. [3] L. Jia, "The research on ddos attack based on botnet," Advances in FCCS, Springer, pp. 325-330, Jan 2012. [4] T. Karnwal, T. Sivakumar, and G. Aghila, "A comber approach to protect cloud computing against xml ddos and http ddos attack," IEEE, pp. 1-5, March 2012. [5] L. Capretz, M. Mahmoud and A. Ouda, , "Cloud-based ddos attacks and defenses," International Conference on Information Society, i-Society 2013, pp. 67-71, Jan 2013. [6] K. V. Rao and K. M. Prasad, "Discriminating ddos attack traffic from flash crowd on internet threat monitor using entropy variation," African journal of computing and ICT, IEEE, pp. 53-62, June 2013. [7] M. Rajarajan, S. Veluru, A. Healing and A. Olabelurin, "Entropy clus- tering approach for improving forecasting in ddos attacks," ICNSC 2015- 2015 IEEE 12th International Conference on Networking, Sensing and Control, 04 2015. [8] Q. Yan, J. Li, F. R. Yu and Q. Gong, "Software-defined networking (sdn) and distributed denial of service (ddos) attacks in cloud computing environments: A survey, some research issues, and challenges," IEEE Communications Surveys Tutorials, vol. 18, pp. 602-622, Jan 2016. [9] Rakshitha. M and Ashwini. B P, "A survey on detection and mitigation of zombie attacks in cloud environment," 2016, 2nd International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT), Bangalore, pp. 764-769, Jan 2016. [10] T. Gairola and K. Singh, "A review on dos and ddos attacks in cloud environment and security solutions," International Journal of Computer Science and Mobile Computing, vol. 5, pp. 136-141, July 2016. [11] A. Sahi, D. Lai, Y. Li, and M. Diykh, "An efficient ddos tcp flood attack detection and prevention system in a cloud environment," IEEE Access, vol. 5, pp. 6036 - 6048, March 2017. [12] Q. Wang, Z. Zhao, and H. Zhang, "Ddos defense mechanism based on software defined network," 9th IEEE International Conference on Com- munication Software and Networks, pp. 1122-1127, May 2017. [13] V. Kansal and M. Dave, "Proactive ddos attack detection and isolation," 2017 International Conference on Computer, Communications and Elec- tronics, pp. 334- 338, July 2017. [14] D. Gautam and V. Tokekar, "An approach to analyze the impact of ddos attack on mobile cloud computing," IEEE, International Conference on information communication, Instumentation and control, pp. 1-6, Aug 2017. [15] J. Jiao, Y. Benjun, Y. Zhao, R. Stones, G. Wang, X. Liu, S. Wang, and G. Xie, "Detecting tcp-based ddos attacks in baidu cloud computing data centers," IEEE 36th Symposium on Reliable Distributed System, pp. 256- 258, Sept 2017. [16] M. Haque, S. Ali, S. Tan, Z. Yusoff, C. Lee, I. Kaspin, and S. Ziri, "Mo- tivation of ddos attack-aware in software defined networking controller placement," International Conference on Computer and Applications, pp. 36-42, Sept 2017. [17] D. Hyun, J. Kim, D. Hong, and J. Jeong, "Sdn-based network security functions for effective ddos attack mitigation," 2017 International Conference on Information and Communication Technology Convergence (ICTC), pp. 834-839, Oct 2017. [18] L. Zhou and H. Guo, "Applying nfv/sdn in mitigating ddos attacks," IEEE Region 10 Conference (TENCON), Malaysia, pp. 2061-2066, Nov 2017. [19] M. Myint Oo, S. Kamolphiwong, and T. Kamolphiwong, "The design of sdn based detection for distributed denial of service (ddos) attack," pp. 258-263, Nov 2017. [20] C. Wang, T. Miu, X. Luo, and J. Wang, "Skyshield: A sketch-based defense system against application layer ddos attacks," IEEE Transactions on Information Forensics and Security, vol. 13, pp. 1-1, March 2018. [21] Arivudainambi D, Varun K A, and S. Chakkaravarthy, "Lion ids: A meta-heuristics approach to detect ddos attacks against software-defined networks," Neural Computing and Applications, Springer, March 2018. [22] K. Hong, Y. Kim, H. Choi, and J. Park, "Sdn-assisted slow http ddos attack defense method," IEEE Communications Letters, vol. PP, pp. 1-1, April 2018. [23] K. Bhushan and B. B. Gupta, "Distributed denial of service (ddos) attack mitigation in software defined network (sdn)-based cloud computing en- vironment," Journal of Ambient Intelligence and Humanized Computing, Springer, vol. 10, April 2018. [24] Y. Yu, L. Guo, Y. Liu, J. Zheng, and Y. Zong, "An efficient sdn-based ddos attack detection and rapid response platform in vehicular networks," IEEE Access, vol. 6, pp. 44 570-44 579, July 2018. [25] T. V. Phan and M. Park, "Efficient distributed denial-ofservice attack defense in sdn-based cloud," IEEE Access, vol. 7, pp. 18 701-18 714, Sept 2019. [26] A. Sangodoyin, B. Modu, I. Awan, and J. Pagna Disso, "An approach to detecting distributed denial of service attacks in software defined networks," 2018 IEEE 6th International Conference on Future Internet of Things and Cloud (FiCloud), pp. 436-443, Aug 2018. [27] G. Jaideep and B. Battula, "Detection of spoofed and non-spoofed ddos attacks and discriminating them from flash crowds," EURASIP Journal on Information Security, Springer, vol. 2018, Dec 2018. [28] H. Maziku, S. Shetty, and D. Nicol, "Security risk assessment for sdn- enabled smart grids, elsevier," Computer Communications, vol. 133, Dec 2018. [29] A. Bhardwaj, A. Sharma, V. Mangat, K. Saluja, and R. Vig, "Experimental analysis of ddos attacks on openstack cloud platform," Lecture Notes in Networks and Systems, pp. 3-13, jan 2019. [30] A. Serrano, Z. Pervez, Q. Wang, and J. Alcaraz-Calero, "Towards the detection of mobile ddos attacks in 5g multi-tenant networks," IEEE 2019 European Conference on Networks and Communications (EuCNC), pp. 273- 277, june 2019. [31] S. Dong, R. Jain, and K. Abbas, "A survey on distributed denial of service (ddos) attacks in sdn and cloud computing environments," IEEE Access, vol. PP, pp. 80 813-80 828, june 2019. [32] A. Alsirhani, S. Sampalli, and P. Bodorik, "Ddos detection system: Using a set of classification algorithms controlled by fuzzy logic system in apache spark," IEEE Transactions on Network and Service Management, pp. 936- 949, July 2019.