Author(s): Rishikesh Sahay, Gregory Blanc, Zonghua Zhang, Herve Debar

Download: Paper (PDF)

Date: 7 Feb 2015

Document Type: Briefing Papers

Additional Documents: Slides

Associated Event: NDSS Symposium 2015


Distributed Denial of Service attacks (DDoS) have remained as one of the most destructive attacks in the Internet for over two decades. Despite tremendous efforts on the design of DDoS defense strategies, few of them have been considered for widespread deployment due to strong design assumptions on the Internet infrastructure, prohibitive operational costs and complexity. Recently, the emergence of Software Defined Networking (SDN) has offered a solution to reduce network management complexity. It is also believed to facilitate security management thanks to its programmability. To explore the advantages of using SDN to mitigate DDoS attacks, we propose a distributed collaborative framework to allow the customers to request DDoS mitigation service from ISPs. Upon the request, ISPs can change the label of the anomalous traffic and redirect them to security middleboxes, while attack detection and analysis modules are deployed at customer side, avoiding privacy leakage and other legal issues. Our work reported in this paper can be seen as one of the first attempts towards autonomic DDoS mitigation through the careful examination of the self-management capability of SDN. The prototype and preliminary analysis demonstrate that SDN has promising potential to enable autonomic mitigation of DDoS attacks, as well as other large-scale attacks.