期刊
IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT
卷 15, 期 4, 页码 1235-1248出版社
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TNSM.2018.2873639
关键词
SDN; OpenFlow; DoS attacks; time slice allocation; priority queue; controller scheduling method
资金
- National Key Research and Development Program of China [2016YFB0800100, 2016YFB0800101]
- National Natural Science Fund for Creative Research Groups Project [61521003]
Software-defined networking (SDN) has emerged as a new networking paradigm that can provide fine-grained network management service. Since the SDN controller makes control decision for the network, it becomes the main target of denial of service (DoS) attacks. In this paper, we propose BWManager to mitigateE which mainly consists mitigate the DoS attacks on the SDN controller with BWManager that mainly consists of four key components: 1) simplified DoS detection module; 2) forecasting engine; 3) priority manager; and 4) scheduler. The simplified DoS detection module calculates a comprehensive judgment score for each switch, which indicates the attacking severity of each switch and is used to decide time slice allocation of the controller. The forecasting engine is the basis of the controller scheduling method and forecasts the bandwidth consumption of users to determine the users' trust values. The trust values are used by the priority manager to manage multiple buffer queues with different priorities for the users. The scheduler protects the controller and the normal users under DoS attacks by running a weighted Round-Robin algorithm to process flow requests in different priority queues. We evaluate the performance and overhead of BWManager in both hardware and software OpenFlow environments. The results demonstrate that BWManager is effective with a limited overhead.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据