A Method for DDoS Attacks Prevention Using SDN and NFV

Mohammad Javad Shayegan; Amirreza Damghanian

doi:10.1109/ACCESS.2024.3438538

IEEE Access (Jan 2024)

A Method for DDoS Attacks Prevention Using SDN and NFV

Mohammad Javad Shayegan,
Amirreza Damghanian

Affiliations

Mohammad Javad Shayegan: ORCiD; Department of Computer Engineering, University of Science and Culture, Tehran, Iran
Amirreza Damghanian: ORCiD; Department of Computer Engineering, University of Science and Culture, Tehran, Iran

DOI: https://doi.org/10.1109/ACCESS.2024.3438538
Journal volume & issue: Vol. 12
pp. 108176 – 108184

Abstract

Read online

Distributed Denial-of-Service (DDoS) attacks are among the most common security attacks in enterprise networks. DDoS attacks are designed to disrupt networks by sending many false requests. With the introduction of Network Functions Virtualization (NFV), a new paradigm has been created for network management and design. The NFV architecture allows network functions to be defined dquite dynamically. A dynamic definition of network functions will provide the most effective support for organizational environments. This research aims to prevent DDoS attacks using NFV and Software-Defined Networking(SDN) platforms. Moving Target Defense (MTD) is used in this research to alter the routing and location of particular detection packets in the network. This MTD technique effectively hinders attackers from targeting real network topologies. A significant innovation introduced in this research is the selection of MTD types based on the processing resources of overlay networks. The results indicate that the proposed method will save these resources and reduce the time required to check network packets.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords