|
|
A cost-effective MTD approach for DDoS attacks in software-defined networks |
|---|---|
| Author: | Javadpour, Amir1; Ja'fari, Forough2; Taleb, Tarik1; |
| Organizations: |
1Faculty of Information Technology and Electrical Engineering, University of Oulu, Oulu, Finland 2Department of Computer Engineering, Sharif University of Technology, Tehran, Iran 35GIC & 6GIC, Institute for Communication Systems (ICS) University of Surrey, Guildford, United Kingdom |
| Format: | article |
| Version: | accepted version |
| Access: | open |
| Online Access: | PDF Full Text (PDF, 0.2 MB) |
| Persistent link: | http://urn.fi/urn:nbn:fi-fe2023051143433 |
| Language: | English |
| Published: |
IEEE,
2022
|
| Publish Date: | 2023-05-11 |
| Description: |
AbstractProtecting large-scale networks, especially Software-Defined Networks (SDNs), against distributed attacks in a costeffective manner plays a prominent role in cybersecurity. One of the pervasive approaches to plug security holes and prevent vulnerabilities from being exploited is Moving Target Defense (MTD), which can be efficiently implemented in SDN as it needs comprehensive and proactive network monitoring. The critical key in MTD is to shuffle the least number of hosts with an acceptable security impact and keep the shuffling frequency low. In this paper, we have proposed an SDN-oriented Cost-effective Edge-based MTD Approach (SCEMA) to mitigate Distributed Denial of Service (DDoS) attacks with a lower cost by shuffling an optimized set of hosts have the highest number of connections to the critical servers. These connections are named edges from a graph-theoretical point of view. We have designed a system based on SCEMA and simulated it in Mininet. The results show that SCEMA has lower (52.58%) complexity than the previous related MTD methods with improving the security level by 14.32%. see all
|
| ISBN: | 978-1-6654-3541-3 |
| ISBN Print: | 978-1-6654-3540-6 |
| Pages: | 4173 - 4178 |
| DOI: | 10.1109/globecom48099.2022.10000603 |
| OADOI: | https://oadoi.org/10.1109/globecom48099.2022.10000603 |
| Host publication: |
GLOBECOM 2022 - 2022 IEEE Global Communications Conference |
| Conference: |
IEEE Global Communications Conference |
| Type of Publication: |
A4 Article in conference proceedings |
| Field of Science: |
213 Electronic, automation and communications engineering, electronics |
| Subjects: | |
| Funding: |
This work was supported in part by the Academy of Finland Project 6Genesis Flagship (Grant No. 346208) and the EU’s Horizon 2020 research and innovation programme under the INSPIRE-5Gplus project (Grant No. 871808). The paper reflects only the authors’ views. The Commission is not responsible for any use that may be made of the information it contains. Mohammad Shojafar is supported by Marie Curie Global Fellowship funded by European Commission with grant agreement MSCA-IF-GF-839255. |
| EU Grant Number: |
(871808) INSPIRE-5Gplus - INtelligent Security and PervasIve tRust for 5G and Beyond |
| Academy of Finland Grant Number: |
346208 |
| Detailed Information: |
346208 (Academy of Finland Funding decision) |
| Copyright information: |
© 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. |