|
Journal of Computer Science and Technology ›› 2022, Vol. 37 ›› Issue (4): 839-851.doi: 10.1007/s11390-022-1495-0
Special Issue: Computer Networks and Distributed Computing
• Special Section of MASS 2020-2021 • Previous Articles Next Articles
Xuan-Bo Huang1 (黄轩博), Student Member, IEEE, Kai-Ping Xue1,* (薛开平), Senior Member, CCF, IEEE, Yi-Tao Xing1 (幸一滔), Student Member, IEEE, Ding-Wen Hu1 (胡定文), Student Member, IEEE, Ruidong Li2 (李睿栋), Senior Member, IEEE, and Qi-Bin Sun1 (孙启彬), Fellow, IEEE
[1] Kreutz D, Ramos F, V P et al. Software-defined networking: A comprehensive survey. Proc. IEEE, 2015, 103(1): 14-76. DOI: 10.1109/JPROC.2014.2371999. [2] McKeown N, Anderson T, Balakrishnan H et al. OpenFlow: Enabling innovation in campus networks. ACM SIGCOMM Computer Communication Review, 2008, 38(2): 69-74. DOI: 10.1145/1355734.1355746。 [3] Shin S, Yegneswaran V, Porras P, Gu G. AVANT-GUARD: Scalable and vigilant switch flow management in software-defined networks. In Proc. the ACM Conference on Computer and Communications Security, November 2013, pp.413-424. DOI: 10.1145/2508859.2516684. [4] Fichera S, Galluccio L, Grancagnolo S et al. OPERETTA: An OPEnflow-based remedy to mitigate TCP SYNFLOOD attacks against web servers. Computer Networks, 2015, 92: 89-100. DOI: 10.1016/j.comnet.2015.08.038. [5] Mohammadi R, Javidan R, Conti M. SLICOTS: An SDN-based lightweight countermeasure for TCP SYN flooding attacks. IEEE Transactions on Network and Service Management, 2017, 14(2): 487-497. DOI: 10.1109/TNSM.2017.2701549. [6] Li Z, Xing W, Khamaiseh S, Xu D. Detecting saturation attacks based on self-similarity of OpenFlow traffic. IEEE Transactions on Network and Service Management, 2020, 17(1): 607-621. DOI: 10.1109/TNSM.2019.2959268. [7] Achleitner S, Porta T L, Jaeger T, McDaniel P. Adversarial network forensics in software defined networking. In Proc. the Symposium on SDN Research, April 2017, pp.8-20. DOI: 10.1145/3050220.3050223. [8] Liu S, Reiter M K, Sekar V. Flow reconnaissance via timing attacks on SDN switches. In Proc. the 37th IEEE International Conference on Distributed Computing Systems, June 2017, pp.196-206. DOI: 10.1109/ICDCS.2017.281. [9] Cao J, Li Q, Xie R et al. The CrossPath attack: Disrupting the SDN control channel via shared links. In Proc. the 28th USENIX Security Symposium, August 2019, pp.19-36. [10] Patwardhan A, Jayarama D, Limaye N et al. SDN Security: Information disclosure and flow table overflow attacks. In Proc. the IEEE Global Communications Conference, December 2019. DOI: 10.1109/GLOBECOM38437.2019.9014048. [11] Zhang M, Li G, Xu L et al. Control plane reflection attacks in SDNs: New attacks and countermeasures. In Proc. the 21st International Symposium on Research in Attacks, Intrusions, and Defenses, September 2018, pp.161-183. DOI: 10.1007/978-3-030-00470-5. [12] Cao J, Xu M, Li Q et al. Disrupting SDN via the data plane: A low-rate flow table overflow attack. In Proc. the 13th International Conference on Security and Privacy in Communication Networks, October 2017, pp.356-376. DOI: 10.1007/978-3-319-78813-5. [13] Yu M, He T, McDaniel P, Burke Q K. Flow table security in SDN: Adversarial reconnaissance and intelligent attacks. In Proc. the 39th IEEE International Conference on Computer Communications, July 2020, pp.1519-1528. DOI: 10.1109/INFOCOM41043.2020.9155538. [14] Wang H, Xu L, Gu G. FloodGuard: A DoS attack prevention extension in software-defined networks. In Proc. the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, June 2015, pp.239-250. DOI: 10.1109/DSN.2015.27. [15] Gao S, Peng Z, Xiao B, Hu A Q, Ren K. FloodDefender: Protecting data and control plane resources under SDN-aimed DoS attacks. In Proc. the 36th IEEE International Conference on Computer Communications, May 2017. DOI: 10.1109/INFOCOM.2017.8057009. [16] Buragohain C, Medhi N. FlowTrApp: An SDN based architecture for DDoS attack detection and mitigation in data centers. In Proc. the 3rd International Conference on Signal Processing and Integrated Networks, February 2016, pp.519-524. DOI: 10.1109/SPIN.2016.7566750. [17] Hu D, Hong P, Chen Y. FADM: DDoS flooding attack detection and mitigation system in software-defined networking. In Proc. the IEEE Global Communications Conference, December 2017. DOI: 10.1109/GLOCOM.2017.8254023. [18] Giotis K, Argyropoulos C, Androulidakis G et al. Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Computer Networks, 2014, 62: 122-136. DOI: 10.1016/j.bjp.2013.10.014. [19] Da Silva A, Wickboldt J, Granville L, Schaeffer-Filho A. ATLANTIC: A framework for anomaly traffic detection, classification, and mitigation in SDN. In Proc. the IEEE/IFIP Conference on Network Operations and Management Symposium, April 2016, pp.27-35. DOI: 10.1109/NOMS.2016.7502793. [20] Kotani D, Okabe Y. A packet-in message filtering mechanism for protection of control plane in OpenFlow networks. In Proc. the ACM/IEEE Symposium on Architectures for Networking and Communications Systems, October 2014, pp.29-40. DOI: 10.1145/2658260.2658276. [21] Huang X, Xue K, Xing Y, Hu D, Li R, Sun Q. FSDM: Fast recovery saturation attack detection and mitigation framework in SDN. In Proc. the 17th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, Dec. 2020, pp.329-337. DOI: 10.1109/MASS50613.2020.00048. [22] Fisher R A. The use of multiple measurements in taxonomic problems. Annals of Eugenics, 1936, 7(2): 179-188. DOI: 10.1111/j.1469-1809.1936.tb02137.x. [23] Shin S, Gu G. Attacking software-defined networks: A first feasibility study. In Proc. the 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, August 2013, pp.165-166. DOI: 10.1145/2491185.2491220. [24] Ambrosin M, Conti M, De Gaspari F, Poovendran R. LineSwitch: Tackling control plane saturation attacks in software-defined networking. IEEE/ACM Transactions on Networking, 2017, 25(2): 1206-1219. DOI: 10.1109/TNET.2016.2626287. [25] Sonchack J, Dubey A, Aviv A J et al. Timing-based reconnaissance and defense in software-defined networks. In Proc. the 32nd Annual Conference on Computer Security Applications, December 2016, pp.89-100. DOI: 10.1145/2991079.2991081. [26] Bloom B H. Space/time trade-offs in hash coding with allowable errors. Communications of the ACM, 1970, 13(7): 422-426. DOI: 10.1145/362686.362692. |
[1] | Maryam Zarezadeh, Hamid Mala, Homa Khajeh. Preserving Privacy of Software-Defined Networking Policies by Secure Multi-Party Computation [J]. Journal of Computer Science and Technology, 2020, 35(4): 863-874. |
[2] | Jianjun Zheng, Akbar Siami Namin. A Survey on the Moving Target Defense Strategies: An Architectural Perspective [J]. Journal of Computer Science and Technology, 2019, 34(1): 207-233. |
[3] | LIU QingShan , HUANG Rui , LU HanQing and MA SongDe . Kernel-Based Nonlinear Discriminant Analysis for Face Recognition [J]. , 2003, 18(6): 0-0. |
|