SMC: A New Strategy Based on Software-Defined Networking to Mitigate the Impact of Anomalies on Cooperative Cloud

Guesmi, Houda; Kalghoum, Anwar; Guesmi, Ramzi; Saïdane, Leïla Azouz

doi:10.1007/978-3-030-88207-5_14

Houda Guesmi⁹,
Anwar Kalghoum⁹,
Ramzi Guesmi⁹ &
…
Leïla Azouz Saïdane⁹

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 12983))

Included in the following conference series:

International Conference on Cooperative Design, Visualization and Engineering

815 Accesses

Abstract

Distributed Denial of Service (DDoS) attacks remain one of the most effective cybercriminals methods to cause significant financial and operational damage. In Cloud Computing, these attacks’ goal is to shut down cloud servers, flooding them with traffic from compromised devices or networks. To address these issues, we offer SMC, a new approach to protect cloud servers against distributed denial of service attacks and mitigate their impact on network performance. SMC uses an SDN-based attack detection system to detect possible DDoS attacks and effectively mitigate their impact by rerouting malicious traffic, adjusting switch rule timeouts and aggregating these rules into SDN switch tables. Our experiments show that SMC maintains network performance during DDoS attacks. In addition, SMC significantly reduces packets’ loss and their average transmission time in the network during DDoS attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 64.99; Price excludes VAT (USA)

Softcover Book: USD 84.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Chaudhary, D., Bhushan, K., Gupta, B.: Survey on DDoS attacks and defense mechanisms in cloud and fog computing. In: Cloud Security, pp. 1927–1951. IGI Global (2019)
Google Scholar
Guesmi, H., Kalghoum, A., Ghazel, C., Saidane, L.A.: FFED: a novel strategy based on fast entropy to detect attacks against trust computing in cloud. Clust. Comput. 24(3), 1945–1954 (2021). https://doi.org/10.1007/s10586-021-03233-3
Article Google Scholar
Guesmi, T., Kalghoum, A., Alshammari, B.M., Alsaif, H., Alzamil, A.: Leveraging software-defined networking approach for future information-centric networking enhancement. Symmetry 13(3), 441 (2021)
Article Google Scholar
Jeon, H., Cho, C., Shin, S., Yoon, S.: A CloudSim-extension for simulating distributed functions-as-a-service. In: 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT). IEEE, December 2019
Google Scholar
Mohammadi, R., Javidan, R., Conti, M.: SLICOTS: an SDN-based lightweight countermeasure for TCP SYN flooding attacks. IEEE Trans. Netw. Serv. Manage. 14(2), 487–497 (2017)
Article Google Scholar
Sahay, R., Blanc, G., Zhang, Z., Debar, H.: Towards autonomic DDoS mitigation using software defined networking. In: Proceedings 2015 Workshop on Security of Emerging Networking Technologies. Internet Society (2015)
Google Scholar
Schaller, S., Hood, D.: Software defined networking architecture standardization. Comput. Stand. Interf. 54, 197–202 (2017)
Article Google Scholar
Singh, M.P., Bhandari, A.: New-flow based DDoS attacks in SDN: taxonomy, rationales, and research challenges. Comput. Commun. 154, 509–527 (2020)
Article Google Scholar
Srilatha, N., Sravani, M., Divya, Y.: Optimal round robin CPU scheduling algorithm using Manhattan distance. Int. J. Electr. Comput. Eng. (IJECE) 7(6), 3664 (2017)
Article Google Scholar
Tandon, R.: A survey of distributed denial of service attacks and defenses. https://arxiv.org/abs/2008.01345 (2020)
Velliangiri, S., Karthikeyan, P., Kumar, V.V.: Detection of distributed denial of service attack in cloud computing using the optimization-based deep networks. J. Exp. Theoret. Artif. Intell., 1–20 (2020)
Google Scholar
Wang, H., Xu, L., Gu, G.: FloodGuard: a DoS attack prevention extension in software-defined networks. In: 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 239–250 (2015)
Google Scholar
Wei, L., Fung, C.: FlowRanger: a request prioritizing algorithm for controller DoS attacks in software defined networks. In: 2015 IEEE International Conference on Communications (ICC). IEEE, June 2015
Google Scholar

Download references

Author information

Authors and Affiliations

CRISTAL LAB, National School of Computer Science, Manouba, Tunisia
Houda Guesmi, Anwar Kalghoum, Ramzi Guesmi & Leïla Azouz Saïdane

Authors

Houda Guesmi
View author publications
You can also search for this author in PubMed Google Scholar
Anwar Kalghoum
View author publications
You can also search for this author in PubMed Google Scholar
Ramzi Guesmi
View author publications
You can also search for this author in PubMed Google Scholar
Leïla Azouz Saïdane
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Houda Guesmi .

Editor information

Editors and Affiliations

University of the Balearic Islands, Palma, Mallorca, Spain
Yuhua Luo

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Guesmi, H., Kalghoum, A., Guesmi, R., Saïdane, L.A. (2021). SMC: A New Strategy Based on Software-Defined Networking to Mitigate the Impact of Anomalies on Cooperative Cloud. In: Luo, Y. (eds) Cooperative Design, Visualization, and Engineering. CDVE 2021. Lecture Notes in Computer Science(), vol 12983. Springer, Cham. https://doi.org/10.1007/978-3-030-88207-5_14

Download citation

DOI: https://doi.org/10.1007/978-3-030-88207-5_14
Published: 01 October 2021
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-88206-8
Online ISBN: 978-3-030-88207-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics