TY - GEN
T1 - Multi-defense mechanism against DDoS in SDN based CDNi
AU - Nishat-I-Mowla,
AU - Doh, Inshil
AU - Chae, Kijoon
N1 - Publisher Copyright:
© 2014 IEEE.
PY - 2014
Y1 - 2014
N2 - Lately enhancing the capability of network services automatically and dynamically through SDN and CDN/CDNi networks has become a recent topic of research. While, in one hand, these systems can be very beneficial to control and optimize the overall network services that studies the topology, traffic paths, packet handling and such others, on the other hand, the servers in such architectures can also be a potential target for DoS and/or DDoS attacks. We, therefore, propose a mechanism for the SDN based CDNi networks to securely deliver services with a multi-defense strategy against DDoS attacks. Addition of ALTO like servers in such architectures enables mapping a very big network to provide a bird's eye view. We propose an additional marking path map in the ALTO server to trace the request packets. The next defense is a protection switch to protect the main servers. A Management Information Base (MIB) is also proposed in the SDN controller to compare and assess the request traffic coming to the protection switches.
AB - Lately enhancing the capability of network services automatically and dynamically through SDN and CDN/CDNi networks has become a recent topic of research. While, in one hand, these systems can be very beneficial to control and optimize the overall network services that studies the topology, traffic paths, packet handling and such others, on the other hand, the servers in such architectures can also be a potential target for DoS and/or DDoS attacks. We, therefore, propose a mechanism for the SDN based CDNi networks to securely deliver services with a multi-defense strategy against DDoS attacks. Addition of ALTO like servers in such architectures enables mapping a very big network to provide a bird's eye view. We propose an additional marking path map in the ALTO server to trace the request packets. The next defense is a protection switch to protect the main servers. A Management Information Base (MIB) is also proposed in the SDN controller to compare and assess the request traffic coming to the protection switches.
KW - ALTO
KW - CDN
KW - CDNi
KW - MIB
KW - SDN
UR - http://www.scopus.com/inward/record.url?scp=84938684294&partnerID=8YFLogxK
U2 - 10.1109/IMIS.2014.64
DO - 10.1109/IMIS.2014.64
M3 - Conference contribution
AN - SCOPUS:84938684294
T3 - Proceedings - 2014 8th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2014
SP - 447
EP - 451
BT - Proceedings - 2014 8th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2014
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 8th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2014
Y2 - 2 July 2014 through 4 July 2014
ER -