Software-defined Networking Based DDoS Defense Mechanisms

Distributed Denial of Service attack (DDoS) is recognized to be one of the catastrophic attacks against various digital communication entities. Software-defined networking (SDN) is an emerging technology for computer networks that uses open protocols for controlling switches and routers placed at the network edges by using specialized open programmable interfaces. In this paper, a detailed study on DDoS threats prevalent in SDN is presented. Firstly, SDN features are examined from the perspective of security, and then, a discussion on assessment of SDN security features is done. Further, two viewpoints towards protecting the networks against DDoS attacks are elaborated. In the first view, SDN utilizes its abilities to secure the conventional networks. In the second view, SDN may become a victim of the threats itself because of the centralized control mechanism. The main focus of this research work is towards discovering critical security implications in SDN while reviewing the current ongoing research studies. By emphasizing the available state of the art techniques, an extensive review towards the advancement of the SDN security is provided to the researchers and IT communities.