DDoS attacks & defense mechanisms in SDN-enabled cloud: Taxonomy, review and research challenges

Software-defined Networking (SDN) is a transformative approach for addressing the limitations of legacy networks due to decoupling of control planes from data planes. It offers increased programmability and flexibility for designing of cloud-based data centers. SDN-Enabled cloud data centers help in managing the huge traffic very effectively and efficiently. However, the security of SDN-Enabled Cloud data centers against different attacks is a key concern for cloud security professionals. Distributed Denial of Service Attacks have emerged as one of the most devastating attacks that constantly worried the entire cloud security research community. To prelude this, it is pertinent to fundamentally focus on classification of these attacks and their defence strategies in an effective way which has been the basis of this research paper. The aim of this paper is to formulate and conceptualize the taxonomies of DDoS attacks and its Défense mechanisms. Improved taxonomy of DDoS attacks highlights the various vulnerable points of vulnerability in SDN-enabled cloud architecture. Additionally, a taxonomy of defence mechanisms offers an extensive survey of recent techniques for detecting and mitigating DDoS attacks in the SDN-enabled cloud environment. Finally, we discuss the open research issues and challenges for the cloud security research community for carrying out future research and investigation.