Skip to Main content Skip to Navigation
Journal articles

ArOMA: an SDN based autonomic DDoS mitigation framework

Abstract : Distributed Denial of Service (DDoS) attacks have been the plague of the Internet for more than two decades, despite the tremendous and continuous efforts from both academia and industry to counter them. The lessons learned from the past DDoS mitigation designs indicate that the heavy reliance on additional software modules and dedicated hardware devices seriously impede their widespread deployment. This paper proposes an autonomic DDoS defense framework, called ArOMA, that leverages the programmability and centralized manageability features of Software Defined Networking (SDN) paradigm. Specifically, ArOMA can systematically bridge the gaps between different security functions, ranging from traffic monitoring to anomaly detection to mitigation, while sparing human operators from non-trivial interventions. It also facilitates the collaborations between ISPs and their customers on DDoS mitigation by logically distributing the essential security functions, allowing the ISP to handle DDoS traffic based on the requests of its customers. Our experimental results demonstrate that, in the face of DDoS flooding attacks, ArOMA can effectively maintain the performance of video streams at a satisfactory level
Complete list of metadata

https://hal.archives-ouvertes.fr/hal-01648031
Contributor : Médiathèque Télécom Sudparis & Institut Mines-Télécom Business School Connect in order to contact the contributor
Submitted on : Friday, November 24, 2017 - 5:14:24 PM
Last modification on : Wednesday, November 3, 2021 - 8:18:45 AM

Identifiers

Citation

Rishikesh Sahay, Gregory Blanc, Zonghua Zhang, Hervé Debar. ArOMA: an SDN based autonomic DDoS mitigation framework. Computers and Security, Elsevier, 2017, 70, pp.482 - 499. ⟨10.1016/j.cose.2017.07.008⟩. ⟨hal-01648031⟩

Share

Metrics

Les métriques sont temporairement indisponibles