Analysis of DDoS Attack Detection Techniques for Securing Software- Defined Networks
Конференцијски прилог (Објављена верзија)
Метаподаци
Приказ свих података о документуАпстракт
Software-Defined Networks (SDN) is an important technology that enables a new approach to how we develop and manage networks. SDN divides the data plane and control plane and supports the logical centralization of network control. However, the centralized architecture of SDN is also a potential vulnerability for various types of malicious attacks. The paper elaborates on the security aspects of virtualization as a basic concept of SDN architecture. Among the many types of attack, one of the most frequent and destructive are Distributed Denial of Service (DDoS) attacks. This paper presents an analysis of techniques to detect DDoS attacks in SDN networks. It first describes the SDN architecture and then elaborates on different detection techniques for DDoS attacks. Additionally, this paper emphasizes the types, components, and categories of detection solutions according to the techniques or methods used. The important approaches and those that can answer the complexity of detecting DDoS ...attacks in SDN are the detection schemes based on entropy and machine learning principles. This paper in general focuses on these two detection techniques and summarizes their benefits and drawbacks and finally provides a guideline for future research directions related to DDoS detection techniques in SDN networks.
Кључне речи:
software-defined networking / virtualization / distributed denial of service attack / entropy / machine learning / detection schemesИзвор:
International scientific conference “Archibald Reiss Days”, 2023, 17-35Издавач:
- Belgrade : University of Criminal Investigation and Police Studies
Напомена:
- 12 International scientific conference “Archibald Reiss Days” - Investigating and Proving Contemporary Forms of Crime: Scientific Approaches, Belgrade, 8-9 November 2022
Институција/група
JakovTY - CONF AU - Čabarkapa, Danijel AU - Popović, Brankica AU - Čisar, Petar AU - Kuk, Kristijan PY - 2023 UR - http://jakov.kpu.edu.rs/handle/123456789/1530 AB - Software-Defined Networks (SDN) is an important technology that enables a new approach to how we develop and manage networks. SDN divides the data plane and control plane and supports the logical centralization of network control. However, the centralized architecture of SDN is also a potential vulnerability for various types of malicious attacks. The paper elaborates on the security aspects of virtualization as a basic concept of SDN architecture. Among the many types of attack, one of the most frequent and destructive are Distributed Denial of Service (DDoS) attacks. This paper presents an analysis of techniques to detect DDoS attacks in SDN networks. It first describes the SDN architecture and then elaborates on different detection techniques for DDoS attacks. Additionally, this paper emphasizes the types, components, and categories of detection solutions according to the techniques or methods used. The important approaches and those that can answer the complexity of detecting DDoS attacks in SDN are the detection schemes based on entropy and machine learning principles. This paper in general focuses on these two detection techniques and summarizes their benefits and drawbacks and finally provides a guideline for future research directions related to DDoS detection techniques in SDN networks. PB - Belgrade : University of Criminal Investigation and Police Studies C3 - International scientific conference “Archibald Reiss Days” T1 - Analysis of DDoS Attack Detection Techniques for Securing Software- Defined Networks SP - 17 EP - 35 UR - https://hdl.handle.net/21.15107/rcub_jakov_1530 ER -
@conference{ author = "Čabarkapa, Danijel and Popović, Brankica and Čisar, Petar and Kuk, Kristijan", year = "2023", abstract = "Software-Defined Networks (SDN) is an important technology that enables a new approach to how we develop and manage networks. SDN divides the data plane and control plane and supports the logical centralization of network control. However, the centralized architecture of SDN is also a potential vulnerability for various types of malicious attacks. The paper elaborates on the security aspects of virtualization as a basic concept of SDN architecture. Among the many types of attack, one of the most frequent and destructive are Distributed Denial of Service (DDoS) attacks. This paper presents an analysis of techniques to detect DDoS attacks in SDN networks. It first describes the SDN architecture and then elaborates on different detection techniques for DDoS attacks. Additionally, this paper emphasizes the types, components, and categories of detection solutions according to the techniques or methods used. The important approaches and those that can answer the complexity of detecting DDoS attacks in SDN are the detection schemes based on entropy and machine learning principles. This paper in general focuses on these two detection techniques and summarizes their benefits and drawbacks and finally provides a guideline for future research directions related to DDoS detection techniques in SDN networks.", publisher = "Belgrade : University of Criminal Investigation and Police Studies", journal = "International scientific conference “Archibald Reiss Days”", title = "Analysis of DDoS Attack Detection Techniques for Securing Software- Defined Networks", pages = "17-35", url = "https://hdl.handle.net/21.15107/rcub_jakov_1530" }
Čabarkapa, D., Popović, B., Čisar, P.,& Kuk, K.. (2023). Analysis of DDoS Attack Detection Techniques for Securing Software- Defined Networks. in International scientific conference “Archibald Reiss Days” Belgrade : University of Criminal Investigation and Police Studies., 17-35. https://hdl.handle.net/21.15107/rcub_jakov_1530
Čabarkapa D, Popović B, Čisar P, Kuk K. Analysis of DDoS Attack Detection Techniques for Securing Software- Defined Networks. in International scientific conference “Archibald Reiss Days”. 2023;:17-35. https://hdl.handle.net/21.15107/rcub_jakov_1530 .
Čabarkapa, Danijel, Popović, Brankica, Čisar, Petar, Kuk, Kristijan, "Analysis of DDoS Attack Detection Techniques for Securing Software- Defined Networks" in International scientific conference “Archibald Reiss Days” (2023):17-35, https://hdl.handle.net/21.15107/rcub_jakov_1530 .