LI Saifei, CUI Yunhe, NI Yongfeng, et al., “An Effective SDN Controller Scheduling Method to Defence DDoS Attacks,” Chinese Journal of Electronics, vol. 28, no. 2, pp. 404-407, 2019, doi: 10.1049/cje.2019.01.017
Citation:
LI Saifei, CUI Yunhe, NI Yongfeng, et al., “An Effective SDN Controller Scheduling Method to Defence DDoS Attacks,” Chinese Journal of Electronics, vol. 28, no. 2, pp. 404-407, 2019, doi: 10.1049/cje.2019.01.017
LI Saifei, CUI Yunhe, NI Yongfeng, et al., “An Effective SDN Controller Scheduling Method to Defence DDoS Attacks,” Chinese Journal of Electronics, vol. 28, no. 2, pp. 404-407, 2019, doi: 10.1049/cje.2019.01.017
Citation:
LI Saifei, CUI Yunhe, NI Yongfeng, et al., “An Effective SDN Controller Scheduling Method to Defence DDoS Attacks,” Chinese Journal of Electronics, vol. 28, no. 2, pp. 404-407, 2019, doi: 10.1049/cje.2019.01.017
The School of Information Science and Technology Southwest Jiaotong University, Chengdu 611756, China
Funds:
This work is supported by the National Natural Science Foundation of China (No.61401374), National Science Foundation for Distinguished Young Scholars of China (No.61325023) and Sichuan Science & Technology Planning Project (No.2017JY0030).
Corresponding author:
YAN Lianshan (corresponding author) was born in 1971. He received the Ph.D. degree from the University of Southern California, Los Angeles, CA, USA. He is a fellow of the Optical society of America (OSA) and a senior member of the IEEE. He is currently a full professor at Southwest Jiaotong University, Chengdu, China. He is the holder of 13 issued U.S. patents and more than 30 China patents. He is the author and coauthor of more than 400 papers published in prestigious journals and conference proceedings, including more than 10 invited journal papers and more than 40 invited talks. (Email:lsyan@swjtu.edu.cn)
Distributed Denial of Service (DDoS) attack is a difficult issue which needs to be addressed in Software defined networking (SDN). In order to help the controller to weather out the DDoS attack, an efficient controller scheduling method is proposed. The proposed controller scheduling method uses the normalized waiting time, length and extent of the switch being attacked to choose the request that needs to be processed by the controller. The evaluation results validate that compared with the polling based controller scheduling method, the proposed one can significantly reduce the connection failure ratio and delay.
M. Casado, M. Freedman, J. Pettit, et al., “Ethane: Taking control of the enterprise”, ACM SIGCOMM Computer Communication Review, Vol.37, No.4, pp.1-12, 2007.
Y. Cui, L. Yan, S. Li, et al., SD-Anti-DDoS: “Fast and efficient DDoS defence in software-defined networks”, Journal of Network and Computer Applications, Vol.68, pp.65-79, 2016.
X.G. Zhang and W. Ding, “TCP flow identifying algorithm based on finite state automaton”, Acta Electronica Sinica, Vol.45, No.6, pp.1396-1402, 2017.
S. Lim, S. Yang, Y. Kim, et al., “Controller scheduling for continued SDN operation under DDoS attacks”, Electronics Letters, Vol.51, No.16, pp.1259-1261, 2015.
A. Hussein, I.H. Elhajj, A. Chehab, et al., “SDN security plane: An architecture for resilient security services”, IEEE International Conference on Cloud Engineering Workshop (IC2EW), pp.54-59, 2016.
R. Macedo, R.D. Castro, A. Santos, et al., “Selforganized SDN controller cluster conformations against DDoS attacks effects”. IEEE Global Communications Conference (GLOBECOM), pp.1-6, 2016.
S.W. Hsu, T.Y. Chen, C.Y. Chang, et al., “Design a hashbased control mechanism in vSwitch for software-defined networking environment”, IEEE International Conference on Cluster Computing, pp.498-499, 2015.