ARDefense: DDoS detection and prevention using NFV and SDN

Network Function Virtualization or NFV gives numerous advantages over the conventional networking techniques by incorporating distinctive features of a network over the virtual machine (VM). It decreases capital and operational costs to give more noteworthy adaptability and flexibility. But all of these advantages come at the expense of the intrinsic system vulnerabilities because of specific sorts of cyber attacks like the Distributed Denial of Service (DDoS) attack. With the increased number of layers in NFV, it becomes easier for an attacker to execute DDoS attack. This study indicates a new model for mitigating the effects of DDoS attacks on NFV. The model has been designed specifically for the individual users especially gamers and online streamers who become victim of DDoS attack on adaily basis. However, the method can be used for a online service like a website in general as well after making certain changes which have been discussed in detail. ARDefense usually performs server migration and IP spoofing when it detects a DDoS attack on the application layer. Effectiveness of ARDefense was tested by measuring load migration and IP spoofing processing time. © 2020 IEEE.