Detection Techniques of Distributed Denial of Service Attacks on Software-Defined Networking Controller–A Review

The wide proliferation of telecommunication technologies in the last decade gives rise to the number of more sophisticated security threats. Software-Defined Networking (SDN) is a new networking architecture that isolates the network control plane from the data plane that incidentally provides better features and functionalities to detect and deal with those security threats. Its elastic programmable feature permits efficient network management and provides network operators with the flexibility to monitor and fine-tune their network. However, the new technology also created many new security concerns, and the threat of Distributed Denial of Service (DDoS) attack is one of the major concerns. This paper presents a comprehensive review of state-of-the-art techniques to detect DDoS attacks on SDN controller. It first describes the SDN technology and then elaborates on the mechanism of DDoS attacks on SDN. Additionally, this paper also describes all major DDoS detection techniques and classifies them at a very high level according to the techniques or methods used. The current survey is qualitatively compared with the existing surveys using various author-defined metrics. Finally, this paper provides a guideline for future research related to detection techniques of DDoS against the SDN controller.