ArOMA: An SDN based, autonomic DDoS mitigation framework

Distributed Denial of Service (DDoS) attacks have been the plague of the Internet for more than two decades, despite the tremendous and continuous efforts from both academia and industry to counter them. The lessons learned from the past DDoS mitigation designs indicate that the heavy reliance on additional software modules and dedicated hardware devices seriously impede their widespread deployment. This paper proposes an autonomic DDoS defense framework, called ArOMA, that leverages the programmability and centralized manageability features of Software Defined Networking (SDN) paradigm. Specifically, ArOMA can systematically bridge the gaps between different security functions, ranging from traffic monitoring to anomaly, detection to mitigation, while sparing human operators from non-trivial interventions. It also facilitates the collaborations between ISPs and their customers on DDoS mitigation by logically distributing the essential security functions, allowing the ISP to handle DDoS traffic based on the requests of its customers. Our experimental results demonstrate that, in the face of DDoS flooding attacks, ArOMA can effectively maintain the performance of video streams at a satisfactory level. (C) 2017 Elsevier Ltd. All rights reserved.