DDoS attacks mounted by botnets today target a specific service, mobilizing only a small amount of legitimate-looking traffic to compromise the server. Detecting or blocking such clever attacks by only using anomalous traffic statistics has become difficult, and devising countermeasures has been mostly left to the victim server. In this paper, we investigate how a software-defined network (SDN) can be utilized to overcome the difficulty and effectively block legitimate looking DDoS attacks mounted by a larger number of bots. Specifically, we discuss a DDoS blocking application that runs over the SDN controller while using the standard OpenFlow interface.
Mendeley saves you time finding and organizing research
Choose a citation style from the tabs below