{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,1]],"date-time":"2026-05-01T17:06:10Z","timestamp":1777655170653,"version":"3.51.4"},"reference-count":138,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2024,12,24]],"date-time":"2024-12-24T00:00:00Z","timestamp":1734998400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"crossref","award":["62472153"],"award-info":[{"award-number":["62472153"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2025,4,30]]},"abstract":"<jats:p>Low-rate threats are a class of attack vectors that are disruptive and stealthy, typically crafted for security vulnerabilities. They have been the significant concern for cyber security, impacting both conventional IP-based networks and emerging Software-Defined Networking (SDN). SDN is a revolutionary architecture that separates the control and data planes, offering advantages such as enhanced manageability, flexibility, and network programmability, as well as the ability to introduce new solutions to address security threats. However, its innovative design also poses new vulnerabilities and threats, especially susceptibility to low-rate threats. To this end, this article presents a comprehensive overview of low-rate threats in programmable networks. It explores low-rate threats and countermeasures within the SDN architecture, encompassing the data plane, control plane, control channel, and application plane, together with traditional low-rate threats and countermeasures in SDN. Furthermore, the article offers detailed insight into threats and countermeasures against low-rate attacks exploiting SDN vulnerabilities and low-rate attacks related to the programmable data plane. Additionally, it presents a comparative analysis and discussion of low-rate attacks versus high-volume attacks, along with suggestions for enhancing SDN security. This thorough review aims to assist researchers in developing more resilient and dependable countermeasures against low-rate threats in programmable networks.<\/jats:p>","DOI":"10.1145\/3704434","type":"journal-article","created":{"date-parts":[[2024,11,30]],"date-time":"2024-11-30T10:22:57Z","timestamp":1732962177000},"page":"1-32","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":16,"title":["When SDN Meets Low-rate Threats: A Survey of Attacks and Countermeasures in Programmable Networks"],"prefix":"10.1145","volume":"57","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0062-0213","authenticated-orcid":false,"given":"Dan","family":"Tang","sequence":"first","affiliation":[{"name":"College of Computer Science and Electronic Engineering, Hunan University, Changsha, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1974-4731","authenticated-orcid":false,"given":"Rui","family":"Dai","sequence":"additional","affiliation":[{"name":"College of Computer Science and Electronic Engineering, Hunan University, Changsha, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8443-0467","authenticated-orcid":false,"given":"Yudong","family":"Yan","sequence":"additional","affiliation":[{"name":"College of Computer Science and Electronic Engineering, Hunan University, Changsha, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5224-4048","authenticated-orcid":false,"given":"Keqin","family":"Li","sequence":"additional","affiliation":[{"name":"Department of Computer Science, State University of New York, New York, United States"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5074-1363","authenticated-orcid":false,"given":"Wei","family":"Liang","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Hunan University of Science and Technology, Xiangtan, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0877-3887","authenticated-orcid":false,"given":"Zheng","family":"Qin","sequence":"additional","affiliation":[{"name":"College of Computer Science and Electronic Engineering, Hunan University, Changsha, China"}]}],"member":"320","published-online":{"date-parts":[[2024,12,24]]},"reference":[{"key":"e_1_3_1_2_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2839348"},{"key":"e_1_3_1_3_2","first-page":"560","volume-title":"Proceedings of the 2017 IEEE International Conference on Internet of Things, IEEE Green Computing and Communications, IEEE Cyber, Physical, and Social Computing, and IEEE Smart Data","author":"Agborubere Belema","year":"2017","unstructured":"Belema Agborubere and Erika Sanchez-Velazquez. 2017. OpenFlow communications and TLS security in software-defined networks. In Proceedings of the 2017 IEEE International Conference on Internet of Things, IEEE Green Computing and Communications, IEEE Cyber, Physical, and Social Computing, and IEEE Smart Data. 560\u2013566."},{"issue":"2","key":"e_1_3_1_4_2","doi-asserted-by":"crossref","first-page":"12","DOI":"10.1007\/s10922-020-09580-7","article-title":"An SDN-assisted defense mechanism for the shrew DDoS attack in a cloud computing environment","volume":"29","author":"Agrawal Neha","year":"2021","unstructured":"Neha Agrawal and Shashikala Tapaswi. 2021. An SDN-assisted defense mechanism for the shrew DDoS attack in a cloud computing environment. Journal of Network and Systems Management 29, 2 (2021), 12.","journal-title":"Journal of Network and Systems Management"},{"key":"e_1_3_1_5_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2022.103212"},{"issue":"2","key":"e_1_3_1_6_2","doi-asserted-by":"crossref","first-page":"775","DOI":"10.3390\/app13020775","article-title":"Effectiveness of an entropy-based approach for detecting low-and high-rate DDoS attacks against the SDN controller: Experimental analysis","volume":"13","author":"Aladaileh Mohammad Adnan","year":"2023","unstructured":"Mohammad Adnan Aladaileh, Mohammed Anbar, Ahmed J. Hintaw, Iznan H. Hasbullah, Abdullah Ahmed Bahashwan, Taief Alaa Al-Amiedy, and Dyala R. Ibrahim. 2023. Effectiveness of an entropy-based approach for detecting low-and high-rate DDoS attacks against the SDN controller: Experimental analysis. Applied Sciences 13, 2 (2023), 775.","journal-title":"Applied Sciences"},{"key":"e_1_3_1_7_2","doi-asserted-by":"publisher","DOI":"10.3390\/app12126127"},{"key":"e_1_3_1_8_2","doi-asserted-by":"publisher","DOI":"10.3390\/sym14081563"},{"issue":"3","key":"e_1_3_1_9_2","doi-asserted-by":"crossref","first-page":"1431","DOI":"10.3390\/app13031431","article-title":"Low rate DDoS detection using weighted federated learning in SDN control plane in IoT network","volume":"13","author":"Ali Muhammad Nadeem","year":"2023","unstructured":"Muhammad Nadeem Ali, Muhammad Imran, Muhammad Salah ud din, and Byung-Seo Kim. 2023. Low rate DDoS detection using weighted federated learning in SDN control plane in IoT network. Applied Sciences 13, 3 (2023), 1431.","journal-title":"Applied Sciences"},{"key":"e_1_3_1_10_2","doi-asserted-by":"publisher","DOI":"10.3390\/app13053183"},{"key":"e_1_3_1_11_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2016.2626287"},{"key":"e_1_3_1_12_2","first-page":"Lecture Notes i","volume-title":"Secure IT Systems","author":"Antikainen Markku","year":"2014","unstructured":"Markku Antikainen, Tuomas Aura, and Mikko S\u00e4rel\u00e4. 2014. Spook in your network: Attacking an SDN with a compromised OpenFlow switch. In Secure IT Systems. Lecture Notes in Computer Science, Vol. 8788. Springer, 229\u2013244."},{"issue":"9","key":"e_1_3_1_13_2","doi-asserted-by":"crossref","first-page":"e4534","DOI":"10.1002\/ett.4534","article-title":"Onos flood defender: An intelligent approach to mitigate DDoS attack in SDM","volume":"33","author":"Aslam Naziya","year":"2022","unstructured":"Naziya Aslam, Shashank Srivastava, and M. M. Gore. 2022. Onos flood defender: An intelligent approach to mitigate DDoS attack in SDM. Transactions on Emerging Telecommunications Technologies 33, 9 (2022), e4534.","journal-title":"Transactions on Emerging Telecommunications Technologies"},{"key":"e_1_3_1_14_2","doi-asserted-by":"crossref","first-page":"267","DOI":"10.1145\/1879141.1879175","volume-title":"Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement","author":"Benson Theophilus","year":"2010","unstructured":"Theophilus Benson, Aditya Akella, and David A. Maltz. 2010. Network traffic characteristics of data centers in the wild. In Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement. 267\u2013280."},{"key":"e_1_3_1_15_2","doi-asserted-by":"publisher","DOI":"10.1145\/2491185.2491222"},{"key":"e_1_3_1_16_2","doi-asserted-by":"publisher","DOI":"10.1109\/WCNC45663.2020.9120472"},{"key":"e_1_3_1_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/2656877.2656890"},{"key":"e_1_3_1_18_2","doi-asserted-by":"publisher","DOI":"10.1145\/2534169.2486011"},{"issue":"2","key":"e_1_3_1_19_2","doi-asserted-by":"crossref","first-page":"302","DOI":"10.3390\/fi6020302","article-title":"Software-defined networking using OpenFlow: Protocols, applications and architectural design choices","volume":"6","author":"Braun Wolfgang","year":"2014","unstructured":"Wolfgang Braun and Michael Menth. 2014. Software-defined networking using OpenFlow: Protocols, applications and architectural design choices. Future Internet 6, 2 (2014), 302\u2013336.","journal-title":"Future Internet"},{"key":"e_1_3_1_20_2","first-page":"195","volume-title":"Proceedings of the International Conference on Recent Trends in Computer Networks and Distributed Systems Security","author":"Cambiaso Enrico","year":"2012","unstructured":"Enrico Cambiaso, Gianluca Papaleo, and Maurizio Aiello. 2012. Taxonomy of slow DoS attacks to web applications. In Proceedings of the International Conference on Recent Trends in Computer Networks and Distributed Systems Security. 195\u2013204."},{"key":"e_1_3_1_21_2","first-page":"1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Cao Jiahao","year":"2020","unstructured":"Jiahao Cao, Renjie Xie, Kun Sun, Qi Li, Guofei Gu, and Mingwei Xu. 2020. When match fields do not need to match: Buffered packets hijacking in SDN. In Proceedings of the Network and Distributed System Security Symposium. 1\u201315."},{"issue":"3","key":"e_1_3_1_22_2","doi-asserted-by":"crossref","first-page":"1416","DOI":"10.1109\/TNET.2022.3225211","article-title":"The LOFT attack: Overflowing SDN flow tables at a low rate","volume":"31","author":"Cao Jiahao","year":"2023","unstructured":"Jiahao Cao, Mingwei Xu, Qi Li, Kun Sun, and Yuan Yang. 2023. The LOFT attack: Overflowing SDN flow tables at a low rate. IEEE\/ACM Transactions on Networking 31, 3 (2023), 1416\u20131431.","journal-title":"IEEE\/ACM Transactions on Networking"},{"key":"e_1_3_1_23_2","first-page":"356","volume-title":"Proceedings of the International Conference on Security and Privacy in Communication Systems","author":"Cao Jiahao","year":"2018","unstructured":"Jiahao Cao, Mingwei Xu, Qi Li, Kun Sun, Yuan Yang, and Jing Zheng. 2018. Disrupting SDN via the data plane: A low-rate flow table overflow attack. In Proceedings of the International Conference on Security and Privacy in Communication Systems. 356\u2013376."},{"key":"e_1_3_1_24_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2021.3105187"},{"key":"e_1_3_1_25_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2023.3315128"},{"key":"e_1_3_1_26_2","unstructured":"P4 Language Consortium. 2024. Behavioral Model Version 2 (bmv2). Retrieved July 23 2024 from https:\/\/github.com\/p4lang\/behavioral-model"},{"issue":"2","key":"e_1_3_1_27_2","doi-asserted-by":"crossref","first-page":"328","DOI":"10.1109\/TETC.2018.2806977","article-title":"A novel stealthy attack to gather SDN configuration-information","volume":"8","author":"Conti Mauro","year":"2020","unstructured":"Mauro Conti, Fabio De Gaspari, and Luigi V. Mancini. 2020. A novel stealthy attack to gather SDN configuration-information. IEEE Transactions on Emerging Topics in Computing 8, 2 (2020), 328\u2013340.","journal-title":"IEEE Transactions on Emerging Topics in Computing"},{"key":"e_1_3_1_28_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2020.102595"},{"key":"e_1_3_1_29_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33167-1_12"},{"key":"e_1_3_1_30_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2765506"},{"key":"e_1_3_1_31_2","first-page":"1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Dhawan Mohan","year":"2015","unstructured":"Mohan Dhawan, Rishabh Poddar, Kshiteej Mahajan, and Vijay Mann. 2015. Sphinx: Detecting security attacks in software-defined networks. In Proceedings of the Network and Distributed System Security Symposium. 1\u201315."},{"key":"e_1_3_1_32_2","first-page":"1","volume-title":"Proceedings of the IEEE International Conference on Communications","author":"Dong Ping","year":"2016","unstructured":"Ping Dong, Xiaojiang Du, Hongke Zhang, and Tong Xu. 2016. A detection method for a novel DDoS attack against SDN controllers by vast new low-traffic flows. In Proceedings of the IEEE International Conference on Communications. 1\u20136."},{"key":"e_1_3_1_33_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00500-018-3407-3"},{"key":"e_1_3_1_34_2","first-page":"1","volume-title":"Proceedings of the 10th IFIP Wireless and Mobile Networking Conference","author":"Gkountis Christos","year":"2017","unstructured":"Christos Gkountis, Miran Taha, Jaime Lloret, and Georgios Kambourakis. 2017. Lightweight algorithm for protecting SDN controller against DDoS attacks. In Proceedings of the 10th IFIP Wireless and Mobile Networking Conference. 1\u20136."},{"issue":"1","key":"e_1_3_1_35_2","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1007\/s10922-022-09704-1","article-title":"A protection system against HTTP flood attacks using software defined networking","volume":"31","author":"Gon\u00e7alves Diego S. M.","year":"2023","unstructured":"Diego S. M. Gon\u00e7alves, Rodrigo S. Couto, and Marcelo G. Rubinstein. 2023. A protection system against HTTP flood attacks using software defined networking. Journal of Network and Systems Management 31, 1 (2023), 16.","journal-title":"Journal of Network and Systems Management"},{"key":"e_1_3_1_36_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2022.103561"},{"issue":"4","key":"e_1_3_1_37_2","doi-asserted-by":"crossref","first-page":"688","DOI":"10.1109\/LCOMM.2017.2766636","article-title":"SDN-assisted slow HTTP DDoS attack defense method","volume":"22","author":"Hong Kiwon","year":"2018","unstructured":"Kiwon Hong, Youngjun Kim, Hyungoo Choi, and Jinwoo Park. 2018. SDN-assisted slow HTTP DDoS attack defense method. IEEE Communications Letters 22, 4 (2018), 688\u2013691.","journal-title":"IEEE Communications Letters"},{"key":"e_1_3_1_38_2","first-page":"1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Hong Sungmin","year":"2015","unstructured":"Sungmin Hong, Lei Xu, Haopei Wang, and Guofei Gu. 2015. Poisoning network visibility in software-defined networks: New attacks and countermeasures. In Proceedings of the Network and Distributed System Security Symposium. 1\u201315."},{"key":"e_1_3_1_39_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jpdc.2020.09.006"},{"key":"e_1_3_1_40_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3013093"},{"key":"e_1_3_1_41_2","unstructured":"Intel. 2024. Intel Tofino Programmable Ethernet Switch ASIC. Retrieved July 23 2024 from https:\/\/www.intel.com\/content\/www\/us\/en\/products\/network-io\/programmable-ethernet-switch\/tofino-series.html"},{"key":"e_1_3_1_42_2","first-page":"170","volume-title":"Proceedings of the IEEE 10th Symposium on Computer Applications and Industrial Electronics","author":"Isyaku Babangida","year":"2020","unstructured":"Babangida Isyaku, Maznah Bte Kamat, Kamalrulnizam bin Abu Bakar, Mohd Soperi Mohd Zahid, and Fuad A. Ghaleb. 2020. IHTA: Dynamic Idle-Hard timeout allocation algorithm based OpenFlow switch. In Proceedings of the IEEE 10th Symposium on Computer Applications and Industrial Electronics. 170\u2013175."},{"key":"e_1_3_1_43_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2023.109732"},{"key":"e_1_3_1_44_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2023.122774"},{"key":"e_1_3_1_45_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102423"},{"key":"e_1_3_1_46_2","first-page":"1","volume-title":"Proceedings of the 4th International Conference on Computing, Communications, and Security","author":"Khamaiseh Samer","year":"2019","unstructured":"Samer Khamaiseh, Edoardo Serra, Zhiyuan Li, and Dianxiang Xu. 2019. Detecting saturation attacks in SDN via machine learning. In Proceedings of the 4th International Conference on Computing, Communications, and Security. 1\u20138."},{"key":"e_1_3_1_47_2","first-page":"44","volume-title":"Proceedings of the IEEE Conference on Network Function Virtualization and Software Defined Networks","author":"Khamaiseh Samer Y.","year":"2020","unstructured":"Samer Y. Khamaiseh, Izzat Alsmadi, and Abdullah Al-Alaj. 2020. Deceiving machine learning-based saturation attack detection systems in SDN. In Proceedings of the IEEE Conference on Network Function Virtualization and Software Defined Networks. 44\u201350."},{"key":"e_1_3_1_48_2","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1145\/2342441.2342452","volume-title":"Proceedings of the 1st Workshop on Hot Topics in Software Defined Networks","author":"Khurshid Ahmed","year":"2012","unstructured":"Ahmed Khurshid, Wenxuan Zhou, Matthew Caesar, and P. Brighten Godfrey. 2012. VeriFlow: Verifying network-wide invariants in real time. In Proceedings of the 1st Workshop on Hot Topics in Software Defined Networks. 49\u201354."},{"key":"e_1_3_1_49_2","first-page":"1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Kim Sian","year":"2023","unstructured":"Sian Kim, Changhun Jung, Rhongho Jang, David Mohaisen, and Dae Hun Nyang. 2023. A robust counting sketch for data plane intrusion detection. In Proceedings of the Network and Distributed System Security Symposium. 1\u201317."},{"key":"e_1_3_1_50_2","first-page":"4167","volume-title":"Proceedings of the IEEE Global Communications Conference","author":"Kong Dezhang","year":"2022","unstructured":"Dezhang Kong, Chunming Wu, Yi Shen, Xiang Chen, Hongyan Liu, and Dong Zhang. 2022. TableGuard: A novel security mechanism against flow table overflow attacks in SDN. In Proceedings of the IEEE Global Communications Conference. 4167\u20134172."},{"key":"e_1_3_1_51_2","first-page":"1","volume-title":"Proceedings of the IEEE\/ACM 31st International Symposium on Quality of Service","author":"Kong Dezhang","year":"2023","unstructured":"Dezhang Kong, Zhengyan Zhou, Yi Shen, Xiang Chen, Qiumei Cheng, Dong Zhang, and Chunming Wu. 2023. In-band network telemetry manipulation attacks and countermeasures in programmable networks. In Proceedings of the IEEE\/ACM 31st International Symposium on Quality of Service. 1\u201310."},{"key":"e_1_3_1_52_2","doi-asserted-by":"publisher","DOI":"10.1145\/863955.863966"},{"issue":"1","key":"e_1_3_1_53_2","doi-asserted-by":"crossref","first-page":"760","DOI":"10.1109\/TNSM.2021.3054528","article-title":"Mitigating TCP protocol misuse with programmable data planes","volume":"18","author":"Laraba Abir","year":"2021","unstructured":"Abir Laraba, J\u00e9r\u00f4me Fran\u00e7ois, Shihabur Rahman Chowdhury, Isabelle Chrisment, and Raouf Boutaba. 2021. Mitigating TCP protocol misuse with programmable data planes. IEEE Transactions on Network and Service Management 18, 1 (2021), 760\u2013774.","journal-title":"IEEE Transactions on Network and Service Management"},{"key":"e_1_3_1_54_2","doi-asserted-by":"publisher","DOI":"10.1145\/2876019.2876024"},{"key":"e_1_3_1_55_2","article-title":"An inference attack model for flow table capacity and usage: Exploiting the vulnerability of flow table overflow in software-defined network","author":"Leng Junyuan","year":"2015","unstructured":"Junyuan Leng, Yadong Zhou, Junjie Zhang, and Chengchen Hu. 2015. An inference attack model for flow table capacity and usage: Exploiting the vulnerability of flow table overflow in software-defined network. arXiv preprint arXiv:1504.03095 (2015).","journal-title":"arXiv preprint arXiv:1504.03095"},{"key":"e_1_3_1_56_2","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2685596"},{"key":"e_1_3_1_57_2","first-page":"311","volume-title":"Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation","author":"Li Yuliang","year":"2016","unstructured":"Yuliang Li, Rui Miao, Changhoon Kim, and Minlan Yu. 2016. FlowRadar: A better NetFlow for data centers. In Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation. 311\u2013324."},{"issue":"1","key":"e_1_3_1_58_2","doi-asserted-by":"crossref","first-page":"607","DOI":"10.1109\/TNSM.2019.2959268","article-title":"Detecting saturation attacks based on self-similarity of OpenFlow traffic","volume":"17","author":"Li Zhiyuan","year":"2020","unstructured":"Zhiyuan Li, Weijia Xing, Samer Khamaiseh, and Dianxiang Xu. 2020. Detecting saturation attacks based on self-similarity of OpenFlow traffic. IEEE Transactions on Network and Service Management 17, 1 (2020), 607\u2013621.","journal-title":"IEEE Transactions on Network and Service Management"},{"key":"e_1_3_1_59_2","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2022.3190932"},{"issue":"9","key":"e_1_3_1_60_2","article-title":"Advancing SDN from OpenFlow to P4: A survey","volume":"55","author":"Liatifis Athanasios","year":"2023","unstructured":"Athanasios Liatifis, Panagiotis Sarigiannidis, Vasileios Argyriou, and Thomas Lagkas. 2023. Advancing SDN from OpenFlow to P4: A survey. ACM Computing Surveys 55, 9 (2023), 37.","journal-title":"ACM Computing Surveys"},{"key":"e_1_3_1_61_2","first-page":"196","volume-title":"Proceedings of the IEEE 37th International Conference on Distributed Computing Systems","author":"Liu Sheng","year":"2017","unstructured":"Sheng Liu, Michael K. Reiter, and Vyas Sekar. 2017. Flow reconnaissance via timing attacks on SDN switches. In Proceedings of the IEEE 37th International Conference on Distributed Computing Systems. 196\u2013206."},{"key":"e_1_3_1_62_2","first-page":"1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Luo Xiapu","year":"2005","unstructured":"Xiapu Luo and Rocky K. C. Chang. 2005. On a new class of pulsing denial-of-service attacks and the defense. In Proceedings of the Network and Distributed System Security Symposium. 1\u201319."},{"key":"e_1_3_1_63_2","first-page":"1","volume-title":"Proceedings of the IEEE International Conference on Communications","author":"Lv Qian","year":"2020","unstructured":"Qian Lv, Jing Zhu, Fen Zhou, and Zuqing Zhu. 2020. Network planning with bilevel optimization to address attacks to physical infrastructure of SDN. In Proceedings of the IEEE International Conference on Communications. 1\u20136."},{"key":"e_1_3_1_64_2","doi-asserted-by":"publisher","DOI":"10.1007\/s40860-022-00171-8"},{"key":"e_1_3_1_65_2","first-page":"186","volume-title":"Proceedings of the 10th International Conference on Ubiquitous and Future Networks","author":"Mansour Christopher","year":"2018","unstructured":"Christopher Mansour and Danai Chasaki. 2018. Design of an SDN security mechanism to detect malicious activities. In Proceedings of the 10th International Conference on Ubiquitous and Future Networks. 186\u2013190."},{"key":"e_1_3_1_66_2","doi-asserted-by":"publisher","DOI":"10.1145\/1980022.1980227"},{"key":"e_1_3_1_67_2","doi-asserted-by":"publisher","DOI":"10.1145\/1355734.1355746"},{"key":"e_1_3_1_68_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-022-00641-3"},{"key":"e_1_3_1_69_2","first-page":"77","volume-title":"Proceedings of the International Conference on Computing, Networking, and Communications","author":"Mousavi Seyed Mohammad","year":"2015","unstructured":"Seyed Mohammad Mousavi and Marc St-Hilaire. 2015. Early detection of DDoS attacks against SDN controllers. In Proceedings of the International Conference on Computing, Networking, and Communications. 77\u201381."},{"key":"e_1_3_1_70_2","first-page":"422","volume-title":"Proceedings of the International Conference on Intelligent Systems for Communication, IoT, and Security","author":"Krishnakumar Sreehari","year":"2023","unstructured":"N. Saritakumar, K. V. Anusuya, and Sreehari Krishnakumar. 2023. Detection of ARP spoofing attacks in software defined networks. In Proceedings of the International Conference on Intelligent Systems for Communication, IoT, and Security. 422\u2013426."},{"key":"e_1_3_1_71_2","first-page":"282","volume-title":"Proceedings of the 29th International Florida Artificial Intelligence Research Society Conference","author":"Najafabadi Maryam M.","year":"2016","unstructured":"Maryam M. Najafabadi, Taghi M. Khoshgoftaar, Amri Napolitano, and Charles Wheelus. 2016. Rudy attack: Detection at the network level and its important features. In Proceedings of the 29th International Florida Artificial Intelligence Research Society Conference. 282\u2013287."},{"key":"e_1_3_1_72_2","first-page":"1","volume-title":"Proceedings of the IEEE Conference on Network Function Virtualization and Software Defined Networks","author":"Ndonda Gorby Kabasele","year":"2017","unstructured":"Gorby Kabasele Ndonda and Ramin Sadre. 2017. A low-delay SDN-based countermeasure to eavesdropping attacks in industrial control systems. In Proceedings of the IEEE Conference on Network Function Virtualization and Software Defined Networks. 1\u20137."},{"key":"e_1_3_1_73_2","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2014.012214.00180"},{"issue":"10","key":"e_1_3_1_74_2","doi-asserted-by":"crossref","first-page":"8477","DOI":"10.1109\/JIOT.2022.3199712","article-title":"Optimization of RBF-SVM kernel using grid search algorithm for DDoS attack detection in SDN-based VANET","volume":"10","author":"Anyanwu Goodness Oluchi","year":"2023","unstructured":"Goodness Oluchi Anyanwu, Cosmas Ifeanyi Nwakanma, Jae-Min Lee, and Dong-Seong Kim. 2023. Optimization of RBF-SVM kernel using grid search algorithm for DDoS attack detection in SDN-based VANET. IEEE Internet of Things Journal 10, 10 (2023), 8477\u20138490.","journal-title":"IEEE Internet of Things Journal"},{"key":"e_1_3_1_75_2","first-page":"17","volume-title":"Proceedings of the IFIP International Conference on ICT Systems Security and Privacy Protection","author":"Pascoal T\u00falio A.","year":"2017","unstructured":"T\u00falio A. Pascoal, Yuri G. Dantas, Iguatemi E. Fonseca, and Vivek Nigam. 2017. Slow TCAM exhaustion DDoS attack. In Proceedings of the IFIP International Conference on ICT Systems Security and Privacy Protection. 17\u201331."},{"key":"e_1_3_1_76_2","first-page":"1","volume-title":"Proceedings of the IEEE Global Communications Conference","author":"Patwardhan Aditya","year":"2019","unstructured":"Aditya Patwardhan, Deepthi Jayarama, Nitish Limaye, Shivaji Vidhale, Zarna Parekh, and Khaled Harfoush. 2019. SDN security: Information disclosure and flow table overflow attacks. In Proceedings of the IEEE Global Communications Conference. 1\u20136."},{"key":"e_1_3_1_77_2","first-page":"1","volume-title":"Proceedings of the IEEE Global Communications Conference","author":"Phan Trung V.","year":"2019","unstructured":"Trung V. Phan, T. M. Rayhan Gias, Syed Tasnimul Islam, Truong Thu Huong, Nguyen Huu Thanh, and Thomas Bauschert. 2019. Q-MIND: Defeating stealthy DoS attacks in SDN with a machine-learning based defense framework. In Proceedings of the IEEE Global Communications Conference. 1\u20136."},{"issue":"7","key":"e_1_3_1_78_2","doi-asserted-by":"crossref","first-page":"2056","DOI":"10.1109\/JSAC.2020.3041406","article-title":"DeepMatch: Fine-grained traffic flow measurement in SDN with deep dueling neural networks","volume":"39","author":"Phan Trung V.","year":"2020","unstructured":"Trung V. Phan, Tri Gia Nguyen, and Thomas Bauschert. 2020. DeepMatch: Fine-grained traffic flow measurement in SDN with deep dueling neural networks. IEEE Journal on Selected Areas in Communications 39, 7 (2020), 2056\u20132075.","journal-title":"IEEE Journal on Selected Areas in Communications"},{"key":"e_1_3_1_79_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2020.3004415"},{"key":"e_1_3_1_80_2","first-page":"1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Porras Phillip A.","year":"2015","unstructured":"Phillip A. Porras, Steven Cheung, Martin W. Fong, Keith Skinner, and Vinod Yegneswaran. 2015. Securing the software defined network control layer. In Proceedings of the Network and Distributed System Security Symposium. 1\u201315."},{"key":"e_1_3_1_81_2","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1007\/s11276-021-02823-8","article-title":"CEOF: Enhanced clustering-based entries optimization scheme to prevent flow table overflow","volume":"28","author":"Priyanka N.","year":"2021","unstructured":"N. Priyanka, T. R. Reshmi, and Krishnan Murugan. 2021. CEOF: Enhanced clustering-based entries optimization scheme to prevent flow table overflow. Wireless Networks 28 (2021), 69\u201383.","journal-title":"Wireless Networks"},{"key":"e_1_3_1_82_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2022.109098"},{"key":"e_1_3_1_83_2","doi-asserted-by":"publisher","DOI":"10.1002\/int.22442"},{"key":"e_1_3_1_84_2","doi-asserted-by":"publisher","DOI":"10.1145\/3453648"},{"key":"e_1_3_1_85_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3191430"},{"key":"e_1_3_1_86_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-26362-5_16"},{"key":"e_1_3_1_87_2","doi-asserted-by":"publisher","DOI":"10.1145\/3229616.3229620"},{"key":"e_1_3_1_88_2","first-page":"116","volume-title":"Proceedings of the 7th Asia-Pacific Workshop on Networking","author":"Harish S. A.","year":"2023","unstructured":"S. A. Harish, K. Shiv Kumar, Anibrata Majee, Amogh Bedarakota, Praveen Tammana, Pravein Govindan Kannan, and Rinku Shah. 2023. In-network probabilistic monitoring primitives under the influence of adversarial network inputs. In Proceedings of the 7th Asia-Pacific Workshop on Networking. 116\u2013122."},{"key":"e_1_3_1_89_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2018.07.017"},{"key":"e_1_3_1_90_2","doi-asserted-by":"publisher","DOI":"10.1145\/505696.505704"},{"key":"e_1_3_1_91_2","first-page":"1","volume-title":"Proceedings of the IEEE Conference on Computer Communications","author":"Shang Gao","year":"2017","unstructured":"Gao Shang, Peng Zhe, Xiao Bin, Hu Aiqun, and Ren Kui. 2017. FloodDefender: Protecting data and control plane resources under SDN-aimed DoS attacks. In Proceedings of the IEEE Conference on Computer Communications. 1\u20139."},{"key":"e_1_3_1_92_2","doi-asserted-by":"crossref","first-page":"165","DOI":"10.1145\/2491185.2491220","volume-title":"Proceedings of the 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking","author":"Shin Seungwon","year":"2013","unstructured":"Seungwon Shin and Guofei Gu. 2013. Attacking software-defined networks: A first feasibility study. In Proceedings of the 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. 165\u2013166."},{"key":"e_1_3_1_93_2","first-page":"1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Shin Seungwon","year":"2013","unstructured":"Seungwon Shin, Phillip Porras, Vinod Yegneswara, Martin Fong, Guofei Gu, and Mabry Tyson. 2013. Fresco: Modular composable security services for software-defined networks. In Proceedings of the Network and Distributed System Security Symposium. 1\u201316."},{"key":"e_1_3_1_94_2","doi-asserted-by":"crossref","first-page":"413","DOI":"10.1145\/2508859.2516684","volume-title":"Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security","author":"Shin Seungwon","year":"2013","unstructured":"Seungwon Shin, Vinod Yegneswaran, Phillip Porras, and Guofei Gu. 2013. Avant-Guard: Scalable and vigilant switch flow management in software-defined networks. In Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security. 413\u2013424."},{"key":"e_1_3_1_95_2","first-page":"1","volume-title":"Proceedings of the IEEE Asia-Pacific Conference on Computer Science and Data Engineering","author":"Shoaib Faizan","year":"2021","unstructured":"Faizan Shoaib, Yang-Wai Chow, and Elena Vlahu-Gjorgievska. 2021. Preventing timing side-channel attacks in software-defined networks. In Proceedings of the IEEE Asia-Pacific Conference on Computer Science and Data Engineering. 1\u20136."},{"key":"e_1_3_1_96_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2020.100279"},{"key":"e_1_3_1_97_2","first-page":"321","volume-title":"Proceedings of the IEEE 7th International Conference on Network Softwarization","author":"Sjoholmsierchio Michael","year":"2021","unstructured":"Michael Sjoholmsierchio, Britta Hale, Daniel Lukaszewski, and Geoffrey Xie. 2021. Strengthening SDN security: Protocol dialecting and downgrade attacks. In Proceedings of the IEEE 7th International Conference on Network Softwarization. 321\u2013329."},{"key":"e_1_3_1_98_2","first-page":"374","volume-title":"Proceedings of the 48th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks","author":"Skowyra Richard","year":"2018","unstructured":"Richard Skowyra, Lei Xu, Guofei Gu, Veer Dedhia, Thomas Hobson, Hamed Okhravi, and James Landry. 2018. Effective topology tampering attacks and defenses in software-defined networks. In Proceedings of the 48th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks. 374\u2013385."},{"issue":"1","key":"e_1_3_1_99_2","doi-asserted-by":"crossref","first-page":"28","DOI":"10.1007\/s10922-022-09714-z","article-title":"SECAP switch\u2013defeating topology poisoning attacks using P4 data planes","volume":"31","author":"Smyth Dylan","year":"2023","unstructured":"Dylan Smyth, Sandra Scott-Hayward, Victor Cionca, Sean McSweeney, and Donna O\u2019Shea. 2023. SECAP switch\u2013defeating topology poisoning attacks using P4 data planes. Journal of Network and Systems Management 31, 1 (2023), 28.","journal-title":"Journal of Network and Systems Management"},{"key":"e_1_3_1_100_2","first-page":"263","volume-title":"Proceedings of the IEEE 7th International Conference on Network Softwarization","author":"Soylu Mustafa","year":"2021","unstructured":"Mustafa Soylu, Luis Guillen, Satoru Izumi, Toru Abe, and Takuo Suganuma. 2021. NFV-Guard: Mitigating flow table-overflow attacks in SDN using NFV. In Proceedings of the IEEE 7th International Conference on Network Softwarization. 263\u2013267."},{"key":"e_1_3_1_101_2","first-page":"Lecture Notes i","volume-title":"IoT and Analytics for Sensor Networks","author":"Sudar K. Muthamil","year":"2022","unstructured":"K. Muthamil Sudar and P. Deepalakshmi. 2022. Flow-based detection and mitigation of low-rate DDOS attack in SDN environment using machine learning techniques. In IoT and Analytics for Sensor Networks. Lecture Notes in Computer Science, Vol. 244. Springer, 193\u2013205."},{"key":"e_1_3_1_102_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2021.09.039"},{"key":"e_1_3_1_103_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNSE.2023.3236970"},{"issue":"4","key":"e_1_3_1_104_2","doi-asserted-by":"crossref","first-page":"5073","DOI":"10.1109\/TNSM.2023.3270339","article-title":"FTMaster: A detection and mitigation system of low-rate flow table Overflow attacks via SDN","volume":"20","author":"Tang Dan","year":"2023","unstructured":"Dan Tang, Chenjun Gao, Wei Liang, Jiliang Zhang, and Keqin Li. 2023. FTMaster: A detection and mitigation system of low-rate flow table Overflow attacks via SDN. IEEE Transactions on Network and Service Management 20, 4 (2023), 5073\u20135084.","journal-title":"IEEE Transactions on Network and Service Management"},{"key":"e_1_3_1_105_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSC.2023.3266757"},{"key":"e_1_3_1_106_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3131531"},{"key":"e_1_3_1_107_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2023.3275768"},{"issue":"1","key":"e_1_3_1_108_2","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1109\/JSAC.2021.3126053","article-title":"Performance and features: Mitigating the low-rate TCP-targeted DoS attack via SDN","volume":"40","author":"Tang Dan","year":"2022","unstructured":"Dan Tang, Yudong Yan, Siqi Zhang, Jingwen Chen, and Zheng Qin. 2022. Performance and features: Mitigating the low-rate TCP-targeted DoS attack via SDN. IEEE Journal on Selected Areas in Communications 40, 1 (2022), 428\u2013444.","journal-title":"IEEE Journal on Selected Areas in Communications"},{"key":"e_1_3_1_109_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2023.103597"},{"key":"e_1_3_1_110_2","doi-asserted-by":"crossref","first-page":"229","DOI":"10.1016\/j.ins.2021.02.038","article-title":"The detection of low-rate DoS attacks using the SADBSCAN algorithm","volume":"565","author":"Tang Dan","year":"2021","unstructured":"Dan Tang, Siqi Zhang, Jingwen Chen, and Xiyin Wang. 2021. The detection of low-rate DoS attacks using the SADBSCAN algorithm. Information Sciences 565 (2021), 229\u2013247.","journal-title":"Information Sciences"},{"key":"e_1_3_1_111_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSC.2021.3102046"},{"issue":"3","key":"e_1_3_1_112_2","doi-asserted-by":"crossref","first-page":"3686","DOI":"10.1109\/TNSM.2022.3222846","article-title":"PeakSAX: Real-time monitoring and mitigation system for LDoS attack in SDN","volume":"20","author":"Tang Dan","year":"2023","unstructured":"Dan Tang, Zhiqing Zheng, Xiaocai Wang, Sheng Xiao, and Qiuwei Yang. 2023. PeakSAX: Real-time monitoring and mitigation system for LDoS attack in SDN. IEEE Transactions on Network and Service Management 20, 3 (2023), 3686\u20133698.","journal-title":"IEEE Transactions on Network and Service Management"},{"issue":"4","key":"e_1_3_1_113_2","article-title":"Application layer denial-of-service attacks and defense mechanisms: A survey","volume":"54","author":"Tripathi Nikhil","year":"2021","unstructured":"Nikhil Tripathi and Neminath Hubballi. 2021. Application layer denial-of-service attacks and defense mechanisms: A survey. ACM Computing Surveys 54, 4 (2021), 33.","journal-title":"ACM Computing Surveys"},{"key":"e_1_3_1_114_2","first-page":"1","volume-title":"Proceedings of the IEEE International Conference on Communications","author":"Tseng Yuchia","year":"2017","unstructured":"Yuchia Tseng, Montida Pattaranantakul, Ruan He, Zonghua Zhang, and Farid Na\u00eft-Abdesselam. 2017. Controller DAC: Securing SDN controller with dynamic access control. In Proceedings of the IEEE International Conference on Communications. 1\u20136."},{"key":"e_1_3_1_115_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2021.103093"},{"issue":"6","key":"e_1_3_1_116_2","doi-asserted-by":"crossref","first-page":"5983","DOI":"10.1109\/TVT.2022.3163960","article-title":"LBSV: Lightweight blockchain security protocol for secure storage and communication in SDN-enabled IoV","volume":"71","author":"Vishwakarma Lokendra","year":"2022","unstructured":"Lokendra Vishwakarma, Ankur Nahar, and Debasis Das. 2022. LBSV: Lightweight blockchain security protocol for secure storage and communication in SDN-enabled IoV. IEEE Transactions on Vehicular Technology 71, 6 (2022), 5983\u20135994.","journal-title":"IEEE Transactions on Vehicular Technology"},{"key":"e_1_3_1_117_2","first-page":"239","volume-title":"Proceedings of the 45th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks","author":"Wang Haopei","year":"2015","unstructured":"Haopei Wang, Lei Xu, and Guofei Gu. 2015. FloodGuard: A DoS attack prevention extension in software-defined networks. In Proceedings of the 45th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks. 239\u2013250."},{"key":"e_1_3_1_118_2","doi-asserted-by":"crossref","first-page":"455","DOI":"10.1007\/978-3-319-50011-9_35","volume-title":"Proceedings of the 18th International Conference on Information and Communications Security","author":"Wang Xin","year":"2016","unstructured":"Xin Wang, Neng Gao, Lingchen Zhang, Zongbin Liu, and Lei Wang. 2016. Novel MITM attacks on security protocols in SDN: A feasibility study. In Proceedings of the 18th International Conference on Information and Communications Security. 455\u2013465."},{"key":"e_1_3_1_119_2","first-page":"1512","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"Xiao Feng","year":"2020","unstructured":"Feng Xiao, Jinquan Zhang, Jianwei Huang, Guofei Gu, Dinghao Wu, and Peng Liu. 2020. Unexpected data dependency creation and chaining: A new attack to SDN. In Proceedings of the IEEE Symposium on Security and Privacy. 1512\u20131526."},{"issue":"5","key":"e_1_3_1_120_2","doi-asserted-by":"crossref","first-page":"2158","DOI":"10.1109\/TNET.2022.3169136","article-title":"Disrupting the SDN control channel via shared links: Attacks and countermeasures","volume":"30","author":"Xie Renjie","year":"2022","unstructured":"Renjie Xie, Jiahao Cao, Qi Li, Kun Sun, Guofei Gu, Mingwei Xu, and Yuan Yang. 2022. Disrupting the SDN control channel via shared links: Attacks and countermeasures. IEEE\/ACM Transactions on Networking 30, 5 (2022), 2158\u20132172.","journal-title":"IEEE\/ACM Transactions on Networking"},{"key":"e_1_3_1_121_2","first-page":"1","volume-title":"Proceedings of the IEEE International Conference on Communications","author":"Xie Renjie","year":"2019","unstructured":"Renjie Xie, Mingwei Xu, Jiahao Cao, and Qi Li. 2019. SoftGuard: Defend against the low-rate TCP attack in SDN. In Proceedings of the IEEE International Conference on Communications. 1\u20136."},{"issue":"1","key":"e_1_3_1_122_2","first-page":"6667922","article-title":"A table overflow LDoS attack defending mechanism in software-defined networks","volume":"2021","author":"Xie Shengxu","year":"2021","unstructured":"Shengxu Xie, Changyou Xing, Guomin Zhang, and Jinlong Zhao. 2021. A table overflow LDoS attack defending mechanism in software-defined networks. Security and Communication Networks 2021, 1 (2021), 6667922.","journal-title":"Security and Communication Networks"},{"key":"e_1_3_1_123_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2019.107092"},{"key":"e_1_3_1_124_2","first-page":"451","volume-title":"Proceedings of the 26th USENIX Security Symposium","author":"Xu Lei","year":"2017","unstructured":"Lei Xu, Jeff Huang, Sungmin Hong, Jialong Zhang, and Guofei Gu. 2017. Attacking the brain: Races in the SDN control plane. In Proceedings of the 26th USENIX Security Symposium. 451\u2013468."},{"key":"e_1_3_1_125_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2017.2758796"},{"key":"e_1_3_1_126_2","first-page":"419","volume-title":"Proceedings of the 21st USENIX Symposium on Networked Systems Design and Implementation","author":"Yan Jinzhu","year":"2024","unstructured":"Jinzhu Yan, Haotian Xu, Zhuotao Liu, Qi Li, Ke Xu, Mingwei Xu, and Jianping Wu. 2024. Brain-on-Switch: Towards advanced intelligent network data plane via NN-driven traffic analysis at line-speed. In Proceedings of the 21st USENIX Symposium on Networked Systems Design and Implementation. 419\u2013440."},{"issue":"2","key":"e_1_3_1_127_2","doi-asserted-by":"crossref","first-page":"377","DOI":"10.1109\/JSAC.2019.2959184","article-title":"STEREOS: Smart table entry eviction for OpenFlow switches","volume":"38","author":"Yang Hemin","year":"2019","unstructured":"Hemin Yang, George F. Riley, and Douglas M. Blough. 2019. STEREOS: Smart table entry eviction for OpenFlow switches. IEEE Journal on Selected Areas in Communications 38, 2 (2019), 377\u2013388.","journal-title":"IEEE Journal on Selected Areas in Communications"},{"key":"e_1_3_1_128_2","doi-asserted-by":"publisher","DOI":"10.1109\/tnet.2017.2748159"},{"key":"e_1_3_1_129_2","first-page":"1519","volume-title":"Proceedings of the IEEE Conference on Computer Communications","author":"Yu Mingli","year":"2020","unstructured":"Mingli Yu, Ting He, Patrick McDaniel, and Quinn K. Burke. 2020. Flow table security in SDN: Adversarial reconnaissance and intelligent attacks. In Proceedings of the IEEE Conference on Computer Communications. 1519\u20131528."},{"issue":"2","key":"e_1_3_1_130_2","doi-asserted-by":"crossref","first-page":"231","DOI":"10.1109\/TSC.2016.2602861","article-title":"Defending against flow table overloading attack in software-defined networks","volume":"12","author":"Yuan Bin","year":"2016","unstructured":"Bin Yuan, Deqing Zou, Shui Yu, Hai Jin, Weizhong Qiang, and Jinan Shen. 2016. Defending against flow table overloading attack in software-defined networks. IEEE Transactions on Services Computing 12, 2 (2016), 231\u2013246.","journal-title":"IEEE Transactions on Services Computing"},{"key":"e_1_3_1_131_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2019.2948167"},{"key":"e_1_3_1_132_2","doi-asserted-by":"crossref","first-page":"103444","DOI":"10.1016\/j.jnca.2022.103444","article-title":"A flexible SDN-based framework for slow-rate DDoS attack mitigation by using deep reinforcement learning","volume":"205","author":"Yungaicela-Naula Noe M.","year":"2022","unstructured":"Noe M. Yungaicela-Naula, Cesar Vargas-Rosales, Jes\u00fas Arturo P\u00e9rez-D\u00edaz, and Diego Fernando Carrera. 2022. A flexible SDN-based framework for slow-rate DDoS attack mitigation by using deep reinforcement learning. Journal of Network and Computer Applications 205 (2022), 103444.","journal-title":"Journal of Network and Computer Applications"},{"key":"e_1_3_1_133_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2785236"},{"key":"e_1_3_1_134_2","doi-asserted-by":"publisher","DOI":"10.1109\/tnet.2020.3040773"},{"key":"e_1_3_1_135_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2024.3364757"},{"key":"e_1_3_1_136_2","doi-asserted-by":"crossref","first-page":"43920","DOI":"10.1109\/ACCESS.2020.2976609","article-title":"Low-rate DoS attacks, detection, defense, and challenges: A survey","volume":"8","year":"2020","unstructured":"Zhijun Wu, Wenjing Li, Liang Liu, and Meng Yue. 2020. Low-rate DoS attacks, detection, defense, and challenges: A survey. IEEE Access 8 (2020), 43920\u201343943.","journal-title":"IEEE Access"},{"key":"e_1_3_1_137_2","doi-asserted-by":"publisher","DOI":"10.5555\/3620237.3620584"},{"issue":"1","key":"e_1_3_1_138_2","first-page":"4760632","article-title":"Exploiting the vulnerability of flow table overflow in software-defined network: Attack model, evaluation, and defense","volume":"2018","author":"Zhou Yadong","year":"2018","unstructured":"Yadong Zhou, Kaiyue Chen, Junjie Zhang, Junyuan Leng, and Yazhe Tang. 2018. Exploiting the vulnerability of flow table overflow in software-defined network: Attack model, evaluation, and defense. Security and Communication Networks 2018, 1 (2018), 4760632.","journal-title":"Security and Communication Networks"},{"key":"e_1_3_1_139_2","first-page":"1195","volume-title":"Proceedings of the 13th International Conference on Advanced Communication Technology","author":"Zhu Qiao","year":"2011","unstructured":"Qiao Zhu, Zhang Yizhi, and Xie Chuiyi. 2011. Research and survey of low-rate denial of service attacks. In Proceedings of the 13th International Conference on Advanced Communication Technology. 1195\u20131198."}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3704434","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3704434","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:18:05Z","timestamp":1750295885000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3704434"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,24]]},"references-count":138,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2025,4,30]]}},"alternative-id":["10.1145\/3704434"],"URL":"https:\/\/doi.org\/10.1145\/3704434","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,12,24]]},"assertion":[{"value":"2023-05-04","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-10-19","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-12-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}