Title :
Multi-defense Mechanism against DDoS in SDN Based CDNi
Author :
Mowla, Nishat I. ; Inshil Doh ; Kijoon Chae
Author_Institution :
Dept. of Comput. Sci. & Eng., Ewha Womans Univ., Seoul, South Korea
Abstract :
Lately enhancing the capability of network services automatically and dynamically through SDN and CDN/CDNi networks has become a recent topic of research. While, in one hand, these systems can be very beneficial to control and optimize the overall network services that studies the topology, traffic paths, packet handling and such others, on the other hand, the servers in such architectures can also be a potential target for DoS and/or DDoS attacks. We, therefore, propose a mechanism for the SDN based CDNi networks to securely deliver services with a multi-defense strategy against DDoS attacks. Addition of ALTO like servers in such architectures enables mapping a very big network to provide a bird´s eye view. We propose an additional marking path map in the ALTO server to trace the request packets. The next defense is a protection switch to protect the main servers. A Management Information Base (MIB) is also proposed in the SDN controller to compare and assess the request traffic coming to the protection switches.
Keywords :
computer network security; telecommunication network topology; ALTO-like servers; CDN-CDNi networks; DDoS attacks; MIB; SDN controller; SDN-based CDNi; management information base; marking path map; multidefense mechanism; multidefense strategy; network service capability enhancement; packet handling; protection switch; protection switches; request packets; request traffic; topology; traffic paths; Computer architecture; Computer crime; Management information base; Servers; Software defined networking; Switches; ALTO; CDN; CDNi; MIB; SDN;
Conference_Titel :
Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2014 Eighth International Conference on
Conference_Location :
Birmingham
Print_ISBN :
978-1-4799-4333-3
DOI :
10.1109/IMIS.2014.64
