A reputation-based collaborative schema for the mitigation of distributed attacks in SDN domains

Kostas Giotis, Maria Apostolaki, Vasilis Maglaris

Research output: Chapter in Book/Report/Conference proceedingConference contribution

17 Scopus citations

Abstract

In this paper, we investigate collaborative schemes to mitigate Distributed Denial of Service attacks in multi-domain Software Defined Networks (SDNs). The mitigation process itself is distributed, initiated by the domain of the victim, and involving all domains in the path of an attack (transit domains). We emphasize on filtering malicious flows as close to the attack sources as possible. We propose a modular and scalable approach that leverages on the SDNi (SDN interface) protocol, as the enabler for information exchange between adjacent SDN domains. We extend this protocol by publishing and exchanging pointers to incident reports, formatted according to the IETF IODEF standards and exposed through domain SDN Controllers. Thus, an SDN domain hosting the victim of the attack is able to notify the recipients about the malicious flows that they forward, requesting their filtering until the attack ceases. In order to motivate close cooperation of SDN domains governed by diverse authorities, we implemented and evaluated a reputation mechanism, whereby domains historically assess the behavior of their neighbors, discouraging assistance in case the domain of the victim has a poor cooperation track record.

Original languageEnglish (US)
Title of host publicationProceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium
EditorsSema Oktug Badonnel, Mehmet Ulema, Cicek Cavdar, Lisandro Zambenedetti Granville, Carlos Raniery P. dos Santos
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages495-501
Number of pages7
ISBN (Electronic)9781509002238
DOIs
StatePublished - Jun 30 2016
Externally publishedYes
Event2016 IEEE/IFIP Network Operations and Management Symposium, NOMS 2016 - Istanbul, Turkey
Duration: Apr 25 2016Apr 29 2016

Publication series

NameProceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium

Conference

Conference2016 IEEE/IFIP Network Operations and Management Symposium, NOMS 2016
Country/TerritoryTurkey
CityIstanbul
Period4/25/164/29/16

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems and Management

Keywords

  • Attack Mitigation
  • DDoS
  • OpenFlow
  • SDN
  • SDNi

Fingerprint

Dive into the research topics of 'A reputation-based collaborative schema for the mitigation of distributed attacks in SDN domains'. Together they form a unique fingerprint.

Cite this