A comprehensive survey on low-rate and high-rate DDoS defense approaches in SDN: taxonomy, research challenges, and opportunities

Software Defined Networking (SDN) expands the networking capabilities using abstraction, open-source protocols, energy efficiency, and programmable features for controlling the forwarding devices at the network edges and intensifying the network performance. Despite all the unprecedented features, SDN still might get exploited by an attacker to launch Distributed Denial of Service (DDoS) attacks at SDN planes i.e. Application, Control, and Data planes. Substantially, the DDoS attacks have been implemented by sending volumetric malicious traffic to exhaust the targeted resources. Such attacks can be easily observed and detected due to their high packet rates. Thus, now attackers are fascinated by the Low-Rate DDoS (LR-DDoS) attacks. In recent years, many efforts have been devoted to defending against the DDoS attacks in SDN. As the attackers benefit from the programmable nature of SDN, an in-detail review of various DDoS attacks and their corresponding defense approaches are essential. Initially, this paper presents a conceptual architecture of SDN and discusses the vulnerable locations in each plane that are exploited by the attacker for launching the DDoS attacks. Secondly, the work offers a detailed classification of DDoS attacks (HR-DDoS and LR-DDoS) concerning the SDN planes and the corresponding defense solutions. The convergence point of this research work is to discover the related security issues and stimulate the network researchers to counter these issues by employing the respective SDN DDoS defense solutions efficiently. Finally, the work gets concluded with a focus on the respective future challenges.