Abstract
One of the most damaging and widely used cyber-attacks is the Distributed Denial of Service (DDoS) attack. A large amount of attack traffic generates traffic congestion and disables online services by disrupting ISP services. DDoS attacks are extremely difficult to detect and mitigate. DDoS attacks are launched using a variety of strategies and approaches, including IP spoofing, botnets and tools. Traditionally hardware, i.e. middle boxes such as Routers, firewall, load balancer and IDS are used to reduce the traffic volume of the DDoS attack. But with the origination of the Network Function Virtualization researchers started to propose various techniques for the mitigation of the volume of the DDoS attack. In this paper, we have reviewed various proposed techniques to defeat DDoS attacks and their efficiency in reducing the attack.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Fung CJ, McCormick B (2015) VGuard: a distributed denial of service attack mitigation method using network function virtualization. In: 2015 11th International conference on network and service management (CNSM), Barcelona, pp 64–70. https://doi.org/10.1109/CNSM.2015.7367340
Alharbi T, Aljuhani A, Liu H, Hu C (2017) Smart and lightweight DDoS detection using NFV. In: Proceedings of the international conference on compute and data analysis (ICCDA '17). Association for Computing Machinery, New York, NY, USA, pp 220–227. https://doi.org/10.1145/3093241.3093253
Alharbi A, Aljuhani A, Liu H (2017) Holistic DDoS mitigation using NFV. In: 2017 IEEE 7th annual computing and communication workshop and conference (CCWC), Las Vegas, NV, pp 1–4. https://doi.org/10.1109/CCWC.2017.7868480
Aljuhani A, Alharbi T, Liu H (2017) XFirewall: a dynamic and additional mitigation against DDoS storm. In: Proceedings of the international conference on compute and data analysis (ICCDA '17). ACM, New York, NY, USA, pp 1–5. https://doi.org/10.1145/3093241.3093252
Guizani N, Ghafoor A (2020) A network function virtualization system for detecting malware in large IoT based networks. IEEE J Sel Areas Commun 38(6):1218–1228. Network Functions Virtualisation—Introductory White Paper. http://portal.etsi.org/NFV/NFV_White_Paper.pdf
Zhou L, Guo H (2017) Applying NFV/SDN in mitigating DDoS attacks. In: TENCON 2017—2017 IEEE region 10 conference, Penang, pp 2061–2066. https://doi.org/10.1109/TENCON.2017.8228200
Mijumbi R, Serrat J, Gorricho J-L, Bouten N, De Turck F, Boutaba R (2015) Network function virtualization: state-of-the-art and research challenges. IEEE Commun Surv Tutor
Rashidi B, Fung C, Bertino E (2017) A collaborative DDoS defence framework using network function virtualization. IEEE Trans Inf Forensics Secur 12(10):2483–2497. https://doi.org/10.1109/TIFS.2017.2708693
Rashidi B, Fung C (2016) CoFence: a collaborative DDoS defence using network function virtualization. In: 2016 12th International conference on network and service management (CNSM), Montreal, QC, pp 160–166. https://doi.org/10.1109/CNSM.2016.7818412
Alwakeel AM, Alnaim AK, Fernandez EB (2018) A survey of network function virtualization security. SoutheastCon 2018, St. Petersburg, FL, pp 1–8. https://doi.org/10.1109/SECON.2018.8479121
Fülber Garcia V, de Freitas Gaiardo G, da Cruz Marcuzzo L, Ceretta Nunes R, Paula dos Santos CR (2018) DeMONS: a DDoS mitigation NFV solution. In: 2018 IEEE 32nd International conference on advanced information networking and applications (AINA), Krakow, pp 769–776. https://doi.org/10.1109/AINA.2018.00115
Li W, Meng W, Kwok LF (2021) Surveying trust-based collaborative intrusion detection: state-of-the-art, challenges and future directions. IEEE Commun Surv Tutor 24(1):280–305
Hawilo H, Jammal M, Shami A (2017) Orchestrating network function virtualization platform: migration or re-instantiation? In: 2017 IEEE 6th International conference on cloud networking (CloudNet), Prague, pp 1–6. https://doi.org/10.1109/CloudNet.2017.8071528
Chatras (2018) Applying a service-based architecture design style to network functions virtualization. In: 2018 IEEE Conference on standards for communications and networking (CSCN), Paris, pp 1–4. https://doi.org/10.1109/CSCN.2018.8581751
Riggio R, Bradai A, Harutyunyan D, Rasheed T, Ahmed T (2016) Scheduling wireless virtual networks functions. IEEE Trans Netw Serv Manage 13(2):240–252. https://doi.org/10.1109/TNSM.2016.2549563
Bhosale KS, Nenova M, Iliev G (2017) The distributed denial of service attacks (DDoS) prevention mechanisms on application layer. In: 2017 13th International conference on advanced technologies, systems and services in telecommunications (TELSIKS), Nis, pp 136–139. https://doi.org/10.1109/TELSKS.2017.8246247
Nagesh HR, Sekaran KC (2006) Design and development of proactive solutions for mitigating denial-of-service attacks. In 2006 International conference on advanced computing and communications, Surathkal, pp 157–162. https://doi.org/10.1109/ADCOM.2006.4289874
Yogesh Patil R, Ragha L (2011) A rate limiting mechanism for defending against flooding based distributed denial of service attack. In: 2011 World congress on information and communication technologies, Mumbai, pp 182–186. https://doi.org/10.1109/WICT.2011.6141240
Grant C (2018) Distributed detection and response for the mitigation of distributed denial of service attacks. In: 2018 International conference on information networking (ICOIN), Chiang Mai, pp 495–497. https://doi.org/10.1109/ICOIN.2018.8343168
Singh AK, Jaiswal RK, Abdukodir K, Muthanna A (2020) ARDefense: DDoS detection and prevention using NFV and SDN. In: 2020 12th International congress on ultra modern telecommunications and control systems and workshops (ICUMT), Brno, Czech Republic, pp 236–241. https://doi.org/10.1109/ICUMT51630.2020.9222443
Bhuyan MH, Kashyap HJ, Bhattacharyya DK, Kalita JK (2014) Detecting distributed denial of service attacks: methods, tools and future directions. Comput J 57(4):537–556. https://doi.org/10.1093/comjnl/bxt031
** Y, Wen Y (2017) When cloud media meet network function virtualization: challenges and applications. IEEE Multimedia 24(3):72–82. https://doi.org/10.1109/MMUL.2017.3051519
Li Y, Chen M (2015) Software-defined network function virtualization: a survey. IEEE Access 3:2542–2553. https://doi.org/10.1109/ACCESS.2015.2499271
Chatras B, Ozog FF (2016) Network functions virtualization: the portability challenge. IEEE Netw 30(4):4–8. https://doi.org/10.1109/MNET.2016.7513857
Kim S, Kim HS (2017) A high available service based on virtualization technology in NFV. In: 2017 International conference on information networking (ICOIN), Da Nang, pp 649–652. https://doi.org/10.1109/ICOIN.2017.7899578
Vilalta R et al (2015) Transport network function virtualization. J Lightwave Technol 33(8):1557–1564. https://doi.org/10.1109/JLT.2015.2390655
Jakaria AHM, Yang W, Rashidi B, Fung C, Rahman MA (2016) VFence: a defense against distributed denial of service attacks using network function virtualization. In: 2016 IEEE 40th annual computer software and applications conference (COMPSAC), Atlanta, GA, pp 431–436. https://doi.org/10.1109/COMPSAC.2016.219
Bülbül NS, Fischer M (2020) SDN/NFV-based DDoS mitigation via pushback. In: ICC 2020—2020 IEEE International conference on communications (ICC), Dublin, Ireland, pp 1–6. https://doi.org/10.1109/ICC40277.2020.9148717
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Tikhe, G.N., Patheja, P.S. (2023). Mitigation of Distributed Denial of Service (DDoS) Attack Using Network Function Virtualization (NFV)—A Survey. In: Rao, U.P., Alazab, M., Gohil, B.N., Chelliah, P.R. (eds) Security, Privacy and Data Analytics. ISPDA 2022. Lecture Notes in Electrical Engineering, vol 1049. Springer, Singapore. https://doi.org/10.1007/978-981-99-3569-7_22
Download citation
DOI: https://doi.org/10.1007/978-981-99-3569-7_22
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-3568-0
Online ISBN: 978-981-99-3569-7
eBook Packages: Computer ScienceComputer Science (R0)