SpringerLink
Log in

Mitigation of Distributed Denial of Service (DDoS) Attack Using Network Function Virtualization (NFV)—A Survey

  • Conference paper
  • First Online:
Security, Privacy and Data Analytics (ISPDA 2022)

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 1049))

Included in the following conference series:

  • 144 Accesses

Abstract

One of the most damaging and widely used cyber-attacks is the Distributed Denial of Service (DDoS) attack. A large amount of attack traffic generates traffic congestion and disables online services by disrupting ISP services. DDoS attacks are extremely difficult to detect and mitigate. DDoS attacks are launched using a variety of strategies and approaches, including IP spoofing, botnets and tools. Traditionally hardware, i.e. middle boxes such as Routers, firewall, load balancer and IDS are used to reduce the traffic volume of the DDoS attack. But with the origination of the Network Function Virtualization researchers started to propose various techniques for the mitigation of the volume of the DDoS attack. In this paper, we have reviewed various proposed techniques to defeat DDoS attacks and their efficiency in reducing the attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Fung CJ, McCormick B (2015) VGuard: a distributed denial of service attack mitigation method using network function virtualization. In: 2015 11th International conference on network and service management (CNSM), Barcelona, pp 64–70. https://doi.org/10.1109/CNSM.2015.7367340

  2. Alharbi T, Aljuhani A, Liu H, Hu C (2017) Smart and lightweight DDoS detection using NFV. In: Proceedings of the international conference on compute and data analysis (ICCDA '17). Association for Computing Machinery, New York, NY, USA, pp 220–227. https://doi.org/10.1145/3093241.3093253

  3. Alharbi A, Aljuhani A, Liu H (2017) Holistic DDoS mitigation using NFV. In: 2017 IEEE 7th annual computing and communication workshop and conference (CCWC), Las Vegas, NV, pp 1–4. https://doi.org/10.1109/CCWC.2017.7868480

  4. Aljuhani A, Alharbi T, Liu H (2017) XFirewall: a dynamic and additional mitigation against DDoS storm. In: Proceedings of the international conference on compute and data analysis (ICCDA '17). ACM, New York, NY, USA, pp 1–5. https://doi.org/10.1145/3093241.3093252

  5. Guizani N, Ghafoor A (2020) A network function virtualization system for detecting malware in large IoT based networks. IEEE J Sel Areas Commun 38(6):1218–1228. Network Functions Virtualisation—Introductory White Paper. http://portal.etsi.org/NFV/NFV_White_Paper.pdf

  6. Zhou L, Guo H (2017) Applying NFV/SDN in mitigating DDoS attacks. In: TENCON 2017—2017 IEEE region 10 conference, Penang, pp 2061–2066. https://doi.org/10.1109/TENCON.2017.8228200

  7. Mijumbi R, Serrat J, Gorricho J-L, Bouten N, De Turck F, Boutaba R (2015) Network function virtualization: state-of-the-art and research challenges. IEEE Commun Surv Tutor

    Google Scholar 

  8. Rashidi B, Fung C, Bertino E (2017) A collaborative DDoS defence framework using network function virtualization. IEEE Trans Inf Forensics Secur 12(10):2483–2497. https://doi.org/10.1109/TIFS.2017.2708693

    Article  Google Scholar 

  9. Rashidi B, Fung C (2016) CoFence: a collaborative DDoS defence using network function virtualization. In: 2016 12th International conference on network and service management (CNSM), Montreal, QC, pp 160–166. https://doi.org/10.1109/CNSM.2016.7818412

  10. Alwakeel AM, Alnaim AK, Fernandez EB (2018) A survey of network function virtualization security. SoutheastCon 2018, St. Petersburg, FL, pp 1–8. https://doi.org/10.1109/SECON.2018.8479121

  11. Fülber Garcia V, de Freitas Gaiardo G, da Cruz Marcuzzo L, Ceretta Nunes R, Paula dos Santos CR (2018) DeMONS: a DDoS mitigation NFV solution. In: 2018 IEEE 32nd International conference on advanced information networking and applications (AINA), Krakow, pp 769–776. https://doi.org/10.1109/AINA.2018.00115

  12. Li W, Meng W, Kwok LF (2021) Surveying trust-based collaborative intrusion detection: state-of-the-art, challenges and future directions. IEEE Commun Surv Tutor 24(1):280–305

    Google Scholar 

  13. Hawilo H, Jammal M, Shami A (2017) Orchestrating network function virtualization platform: migration or re-instantiation? In: 2017 IEEE 6th International conference on cloud networking (CloudNet), Prague, pp 1–6. https://doi.org/10.1109/CloudNet.2017.8071528

  14. Chatras (2018) Applying a service-based architecture design style to network functions virtualization. In: 2018 IEEE Conference on standards for communications and networking (CSCN), Paris, pp 1–4. https://doi.org/10.1109/CSCN.2018.8581751

  15. Riggio R, Bradai A, Harutyunyan D, Rasheed T, Ahmed T (2016) Scheduling wireless virtual networks functions. IEEE Trans Netw Serv Manage 13(2):240–252. https://doi.org/10.1109/TNSM.2016.2549563

    Article  Google Scholar 

  16. Bhosale KS, Nenova M, Iliev G (2017) The distributed denial of service attacks (DDoS) prevention mechanisms on application layer. In: 2017 13th International conference on advanced technologies, systems and services in telecommunications (TELSIKS), Nis, pp 136–139. https://doi.org/10.1109/TELSKS.2017.8246247

  17. Nagesh HR, Sekaran KC (2006) Design and development of proactive solutions for mitigating denial-of-service attacks. In 2006 International conference on advanced computing and communications, Surathkal, pp 157–162. https://doi.org/10.1109/ADCOM.2006.4289874

  18. Yogesh Patil R, Ragha L (2011) A rate limiting mechanism for defending against flooding based distributed denial of service attack. In: 2011 World congress on information and communication technologies, Mumbai, pp 182–186. https://doi.org/10.1109/WICT.2011.6141240

  19. Grant C (2018) Distributed detection and response for the mitigation of distributed denial of service attacks. In: 2018 International conference on information networking (ICOIN), Chiang Mai, pp 495–497. https://doi.org/10.1109/ICOIN.2018.8343168

  20. Singh AK, Jaiswal RK, Abdukodir K, Muthanna A (2020) ARDefense: DDoS detection and prevention using NFV and SDN. In: 2020 12th International congress on ultra modern telecommunications and control systems and workshops (ICUMT), Brno, Czech Republic, pp 236–241. https://doi.org/10.1109/ICUMT51630.2020.9222443

  21. Bhuyan MH, Kashyap HJ, Bhattacharyya DK, Kalita JK (2014) Detecting distributed denial of service attacks: methods, tools and future directions. Comput J 57(4):537–556. https://doi.org/10.1093/comjnl/bxt031

    Article  Google Scholar 

  22. ** Y, Wen Y (2017) When cloud media meet network function virtualization: challenges and applications. IEEE Multimedia 24(3):72–82. https://doi.org/10.1109/MMUL.2017.3051519

    Article  Google Scholar 

  23. Li Y, Chen M (2015) Software-defined network function virtualization: a survey. IEEE Access 3:2542–2553. https://doi.org/10.1109/ACCESS.2015.2499271

    Article  Google Scholar 

  24. Chatras B, Ozog FF (2016) Network functions virtualization: the portability challenge. IEEE Netw 30(4):4–8. https://doi.org/10.1109/MNET.2016.7513857

  25. Kim S, Kim HS (2017) A high available service based on virtualization technology in NFV. In: 2017 International conference on information networking (ICOIN), Da Nang, pp 649–652. https://doi.org/10.1109/ICOIN.2017.7899578

  26. Vilalta R et al (2015) Transport network function virtualization. J Lightwave Technol 33(8):1557–1564. https://doi.org/10.1109/JLT.2015.2390655

  27. Jakaria AHM, Yang W, Rashidi B, Fung C, Rahman MA (2016) VFence: a defense against distributed denial of service attacks using network function virtualization. In: 2016 IEEE 40th annual computer software and applications conference (COMPSAC), Atlanta, GA, pp 431–436. https://doi.org/10.1109/COMPSAC.2016.219

  28. Bülbül NS, Fischer M (2020) SDN/NFV-based DDoS mitigation via pushback. In: ICC 2020—2020 IEEE International conference on communications (ICC), Dublin, Ireland, pp 1–6. https://doi.org/10.1109/ICC40277.2020.9148717

Download references

Author information

Authors and Affiliations

  1. SCSE, VIT Bhopal University, Bhopal, Madhyapradesh, India

    Gajanan N. Tikhe & Pushpinder Singh Patheja

Authors
  1. Gajanan N. Tikhe
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pushpinder Singh Patheja
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Gajanan N. Tikhe .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, National Institute of Technology Patna, Bihar, India

    Udai Pratap Rao

  2. Faculty of Science and Technology, Charles Darwin University, Northern Territory, NT, Australia

    Mamoun Alazab

  3. Department of Computer Science and Engineering, Sardar Vallabhbhai National Institute of Technology, Surat, India

    Bhavesh N. Gohil

  4. Reliance Jio Platforms, Bangalore, India

    Pethuru Raj Chelliah

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Tikhe, G.N., Patheja, P.S. (2023). Mitigation of Distributed Denial of Service (DDoS) Attack Using Network Function Virtualization (NFV)—A Survey. In: Rao, U.P., Alazab, M., Gohil, B.N., Chelliah, P.R. (eds) Security, Privacy and Data Analytics. ISPDA 2022. Lecture Notes in Electrical Engineering, vol 1049. Springer, Singapore. https://doi.org/10.1007/978-981-99-3569-7_22

Download citation

  • DOI: https://doi.org/10.1007/978-981-99-3569-7_22

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-99-3568-0

  • Online ISBN: 978-981-99-3569-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation