TY - JOUR
T1 - A comprehensive survey on DDoS defense systems
T2 - New trends and challenges
AU - Li, Qing
AU - Huang, He
AU - Li, Ruoyu
AU - Lv, Jianhui
AU - Yuan, Zhenhui
AU - Ma, Lianbo
AU - Han, Yi
AU - Jiang, Yong
N1 - Funding information: This work is supported by the National Key Research and Development Program of China under Grant 2020YFB1804704, National Natural Science Foundation of China under grant No. 61972189, and the Shenzhen Key Lab of Software Defined Networking under grant No. ZDSYS20140509172959989.
PY - 2023/9/1
Y1 - 2023/9/1
N2 - In the past ten years, the source of DDoS has migrated to botnets composed of IoT devices. The scale of DDoS attacks increases dramatically with the number of IoT devices. New variants of DDoS attacks using different system vulnerabilities emerge in an endless stream. In response to this situation, researchers have made significant contributions to the field of DDoS defense by applying modern programmable network technology and network-level resource scheduling management technology. However, the existing review articles need more research on these technologies. After investigating the development trend of DDoS attacks in recent years and the new challenges caused by them, this paper classifies the new technologies that have emerged in the field of DDoS defense in the past ten years. Among them, the collaboration between domains and inter-domain resource scheduling is one of the critical challenges in designing a large-scale distributed DDoS cooperative defense system. In addition, modern programmable network technology has dramatically expanded network systems’ functional diversity and deployment flexibility. We will discuss building a defense system based on programmable networks and focus on SOTA defense solutions based on programmable switches. Finally, developing DDoS defense mechanisms with broad-spectrum detection capabilities, robustness against adversarial attacks, and cost-effective and collaborative DDoS defense mechanisms for establishing the Internet are future research directions in network security.
AB - In the past ten years, the source of DDoS has migrated to botnets composed of IoT devices. The scale of DDoS attacks increases dramatically with the number of IoT devices. New variants of DDoS attacks using different system vulnerabilities emerge in an endless stream. In response to this situation, researchers have made significant contributions to the field of DDoS defense by applying modern programmable network technology and network-level resource scheduling management technology. However, the existing review articles need more research on these technologies. After investigating the development trend of DDoS attacks in recent years and the new challenges caused by them, this paper classifies the new technologies that have emerged in the field of DDoS defense in the past ten years. Among them, the collaboration between domains and inter-domain resource scheduling is one of the critical challenges in designing a large-scale distributed DDoS cooperative defense system. In addition, modern programmable network technology has dramatically expanded network systems’ functional diversity and deployment flexibility. We will discuss building a defense system based on programmable networks and focus on SOTA defense solutions based on programmable switches. Finally, developing DDoS defense mechanisms with broad-spectrum detection capabilities, robustness against adversarial attacks, and cost-effective and collaborative DDoS defense mechanisms for establishing the Internet are future research directions in network security.
KW - DDoS defense system
KW - Distributed Denial of Service (DDoS)
KW - Programmable switch
KW - Resource scheduling
KW - SDN/NFV
UR - http://www.scopus.com/inward/record.url?scp=85163874237&partnerID=8YFLogxK
U2 - 10.1016/j.comnet.2023.109895
DO - 10.1016/j.comnet.2023.109895
M3 - Article
SN - 1389-1286
VL - 233
JO - Computer Networks
JF - Computer Networks
M1 - 109895
ER -