Multi-defense Mechanism against DDoS in SDN Based CDNi

Lately enhancing the capability of network services automatically and dynamically through SDN and CDN/CDNi networks has become a recent topic of research. While, in one hand, these systems can be very beneficial to control and optimize the overall network services that studies the topology, traffic paths, packet handling and such others, on the other hand, the servers in such architectures can also be a potential target for DoS and/or DDoS attacks. We, therefore, propose a mechanism for the SDN based CDNi networks to securely deliver services with a multi-defense strategy against DDoS attacks. Addition of ALTO like servers in such architectures enables mapping a very big network to provide a bird´s eye view. We propose an additional marking path map in the ALTO server to trace the request packets. The next defense is a protection switch to protect the main servers. A Management Information Base (MIB) is also proposed in the SDN controller to compare and assess the request traffic coming to the protection switches.