A Comprehensive Survey of Distributed Denial of Service Detection and Mitigation Technologies in Software-Defined Network
軟體定義網路中分散式拒絕服務偵測與緩解技術的全面調查

Received: 31 December 2023
收到：2023 年 12 月 31 日
Revised: 29 January 2024
修訂日期：2024 年 1 月 29 日
Accepted: 8 February 2024
接受：2024 年 2 月 8 日
Published: 19 February 2024
發佈日期：2024 年 2 月 19 日

1. Introduction  1.簡介

• We provide a description of the security vulnerabilities that exist in SDN as well as the prevalent DDoS attacks that target SDN networks.
  我們說明 SDN 中存在的安全漏洞，以及針對 SDN 網路的普遍 DDoS 攻擊。
• We conducted a literature review on popular DDoS attack detection and mitigation technologies in SDN and categorized and evaluated them according to the technologies utilized. DDoS attack detection and mitigation technologies in SDN environments encompass statistical analysis techniques, machine learning techniques, hybrid detection techniques, policy-based techniques, and, particularly, moving target defense techniques, which are less commonly discussed in the literature. Furthermore, we conducted a comparative assessment of the benefits and drawbacks linked to these technologies.
  我們針對 SDN 中流行的 DDoS 攻擊偵測與緩解技術進行文獻回顧，並根據所使用的技術進行分類與評估。SDN 環境中的 DDoS 攻擊偵測與減緩技術包含統計分析技術、機器學習技術、混合偵測技術、政策式技術，尤其是文獻中較少討論的移動目標防禦技術。此外，我們對這些技術的優缺點進行了比較評估。
• Finally, we analyze the experimental environment used in the relevant literature and briefly summarize the research challenges and gaps in DDoS attack defense technology in SDN.
  最後，我們分析相關文獻所使用的實驗環境，並簡要總結 SDN 中 DDoS 攻擊防禦技術的研究挑戰與缺口。

2. Research Methodology  2.研究方法

• RQ 1: What are the weaknesses of SDN compared to traditional networks, and to what DDoS attacks is it more susceptible?
  問題 1：與傳統網路相比，SDN 有哪些弱點，以及它更容易受到哪些 DDoS 攻擊？
• RQ 2: What technical methods do researchers typically use to detect and mitigate DDoS attacks in SDN environments?
  問題 2：研究人員通常使用哪些技術方法來偵測和緩解 SDN 環境中的 DDoS 攻擊？
• RQ 3: What are the benefits and drawbacks of current detection and mitigation technologies? What are the current challenges in research?
  問題 3：目前的偵測和緩解技術有哪些優點和缺點？目前的研究挑戰為何？
  To find papers related to the research questions, we followed a three-stage selection procedure: (1) identifying search terms, (2) selecting sources, and (3) applying inclusion/exclusion criteria to the selected papers:
  為了找到與研究問題相關的論文，我們遵循三階段的篩選程序：(1) 確定搜尋詞彙，(2) 選擇資料來源，(3) 對所選的論文應用納入/排除標準：
• Search terms: This stage primarily determines the keywords to search and search strings. For the research of DDoS attacks on SDN, the identified keywords were as follows: “SDN”, “DDoS”, “Controller Resource Saturation”, and “Flow Table Overloading”. Meanwhile, to define the search string, the Boolean operation “OR” was used to select optional words and synonyms, while “AND” was used to select relevant terms, thereby generating the search string. The following keywords were selected as the search string: “(software-defined network” OR “SDN”) AND (“DDoS” OR “Controller Resource Saturation” OR “Bandwidth Saturation” OR “Flow Table Overloading”)".
  搜尋字串：此階段主要決定搜尋的關鍵字及搜尋字串。針對 SDN 的 DDoS 攻擊研究，確定的關鍵字如下："SDN」、「DDoS」、「Controller Resource Saturation」、「Flow Table Overloading」。同時，為了定義搜尋字串，使用布林運算「OR」來選擇可選詞和同義詞，而使用「AND」來選擇相關詞彙，進而產生搜尋字串。選取下列關鍵字作為搜尋字串：「（軟體定義網路」 OR "SDN") AND ("DDoS" OR "Controller Resource Saturation" OR "Bandwidth Saturation" OR "Flow Table Overloading")"。
• Search library: We selected Google scholar, IEEE Xplore, Springer, Science Direct, Wiley, Hindawi, and ACM as the databases to search the literature. At the same time, we also searched the relevant literature on CNKI and selected articles with higher impact factors.
  搜尋資料庫：我們選擇了 Google scholar、IEEE Xplore、Springer、Science Direct、Wiley、Hindawi 和 ACM 等資料庫進行文獻檢索。同時，我們也搜尋了 CNKI 上的相關文獻，並選擇了影響因子較高的文章。
• Inclusion/exclusion criteria: We further reviewed the literature retrieved from the database and established exclusion criteria to eliminate studies that were not relevant to the defined research question. The exclusion criteria are defined as follows:
  納入/排除標準：我們進一步檢視從資料庫中擷取的文獻，並建立排除標準，以剔除與界定的研究問題無關的研究。排除標準的定義如下：
• Multiple research studies.
  多項研究調查。
• Studies that do not provide an equivalent amount of information.
  無法提供等量資訊的研究。
• The literature without adequate experimental support.
  沒有足夠實驗支持的文獻。
• Not strongly correlated with SDN.
  與 SDN 關聯性不強。

3. Vulnerable Points and DDoS Attacks in SDN
3.SDN 中的弱點與 DDoS 攻擊

Due to its flexible architecture and non-standardized protocols, SDN has more vulnerabilities in terms of security, leading to a series of new security issues. SDN is not only susceptible to DDoS attacks targeting server devices or services in traditional networks but also to new types of DDoS attacks against switches and controllers, which can cause damage to the network. The security issues and DDoS attacks faced by SDN architecture are shown in Figure 1.
由於 SDN 靈活的架構和非標準化的通訊協定，在安全性方面有較多的弱點，導致一系列新的安全問題。SDN 不僅容易受到傳統網路中針對伺服器設備或服務的 DDoS 攻擊，也容易受到針對交換器和控制器的新型 DDoS 攻擊，對網路造成損害。SDN 架構所面臨的安全問題與 DDoS 攻擊如圖 1 所示。

• The security of the data plane. The limited storage space for flow table entries in data plane switches can lead to overload or buffer overflow when attackers send a large amount of traffic, depleting the computing resources of the control plane. There is a vulnerability in the timeout mechanism of the OpenFlow protocol used for communication between the controller and the switch. Flow table entries are not updated in real-time, so when attackers send false flow table entries to the switch, they continue to be stored in the switch, affecting the normal forwarding of related packets and potentially disrupting the network topology [9].
  資料平面的安全性。資料平面交換器的流量表項儲存空間有限，當攻擊者傳送大量流量時，可能導致超載或緩衝記憶體滿溢，耗盡控制平面的運算資源。用於控制器與交換器之間通訊的 OpenFlow 通訊協定的逾時機制存在漏洞。流量表項目並非即時更新，因此當攻擊者傳送虛假流量表項目至交換機時，這些項目仍會繼續儲存於交換機中，影響相關封包的正常轉送，並可能破壞網路拓樸結構 [9]。
• The security of the control plane. The control plane controller has network control capabilities. When the controller is hijacked, attackers can use it to carry out network eavesdropping, IP address spoofing, and routing modifications, which can compromise the integrity and confidentiality of the network [8]. A hijacked controller can also send false messages to launch DDoS attacks and deplete network resources.
  控制平面的安全性。控制平面控制器具有網路控制能力。當控制器被挾持時，攻擊者可以利用它進行網路竊聽、IP 位址偽造和路由修改，從而危及網路的完整性和機密性 [8]。被騎劫的控制器也可以傳送虛假訊息來發動 DDoS 攻擊，耗盡網路資源。
• The security of the application plane. The application layer defines the functionality of the network controller. However, due to the absence of strict access control mechanisms, attackers can execute malicious programs on the application layer to gain access to network intelligence or deplete resources. Attackers can also target specific applications in SDN systems by sending resource-intensive requests to consume the network bandwidth and disrupt network availability [10].
  應用層的安全性。應用層定義了網路控制器的功能。然而，由於缺乏嚴格的存取控制機制，攻擊者可以在應用層上執行惡意程式，以獲取網路情報或消耗資源。攻擊者也可以針對 SDN 系統中的特定應用程式，傳送資源密集型的請求，以消耗網路頻寬和破壞網路可用性 [10]。
• The security of communication and protocols. The OpenFlow protocol used in the southbound interface encrypts data using SSL/TLS for secure communication. However, the OpenFlow 1.3 .0 specification made TLS optional, which means that communication in the southbound interface may not be secure [11]. Therefore, attackers can intercept or tamper with data packets in southbound communication or exploit the interactive nature of the OpenFlow protocol to launch DDoS attacks and deplete network resources. The absence of standardized protocols in the northbound interface makes data transmission vulnerable to eavesdropping, significantly compromising network confidentiality.
  通訊和通訊協定的安全性。南向介面使用的 OpenFlow 通訊協定會使用 SSL/TLS 加密資料，以確保通訊安全。然而，OpenFlow 1.3 .0 規格將 TLS 列為選項，這表示南向介面的通訊可能不安全 [11]。因此，攻擊者可以攔截或篡改南向通訊中的資料封包，或利用 OpenFlow 通訊協定的互動特性發動 DDoS 攻擊，耗盡網路資源。北向介面缺乏標準化通訊協定，使得資料傳輸容易遭到竊聽，嚴重損害網路機密性。
  Based on these aforementioned security issues, attackers can exploit vulnerabilities to launch DDoS attacks, which can impact network availability. Since the controller is a core component of the SDN architecture, DDoS attacks targeting SDN controllers have become an important type of DDoS attack [12]. Figure 1 also categorizes DDoS attack types
  基於上述安全問題，攻擊者可利用漏洞發動 DDoS 攻擊，進而影響網路可用性。由於控制器是 SDN 架構的核心元件，因此針對 SDN 控制器的 DDoS 攻擊已成為重要的 DDoS 攻擊類型 [12]。圖 1 也對 DDoS 攻擊類型進行了分類
  according to the SDN architecture plane. Table 2 summarizes the characteristics of DDoS attacks in SDN environments.
  根據 SDN 架構平面。表 2 總結了 SDN 環境中 DDoS 攻擊的特徵。

• Data plane DDoS attacks. Data plane OpenFlow switches use ternary contentaddressable memory (TCAM) to store forwarding rules. TCAM has high storage efficiency but is expensive and has limited space. When there is a need to store forwarding rules for a large amount of traffic, table overflow can occur [13]. On the other hand, OpenFlow switches have a vulnerability in their static timeout policy. The flow rules stored in the switch are only deleted if no matching packets are received within a certain period of time. The Low-Rate Flow Table Overflow (LOFT) attack exploits this vulnerability by sending low-rate attack traffic based on the flow table timeout rules, saturating the switch’s flow table entries and preventing the normal forwarding of traffic [14]. Another common data plane attack is switch spoofing [15]. Since data plane switches do not have the ability to identify controller flow tables, attackers can send malicious flow table entries to modify the switch’s IP address. When the controller tries to connect to the switch using an IP address, the malicious switch impersonates the IP address and communicates with the controller, causing the controller to lose connection with legitimate switches and disrupt network availability.
  資料平面 DDoS 攻擊。資料平面 OpenFlow 交換器使用三元內容可定址記憶體 (TCAM) 來儲存轉送規則。TCAM 儲存效率高，但價格昂貴且空間有限。當需要儲存大量流量的轉送規則時，可能會發生表滿溢的情況 [13]。另一方面，OpenFlow 交換器的靜態逾時政策存在漏洞。只有在某段時間內沒有收到匹配的封包，交換器中儲存的流量規則才會被刪除。低速率流量表溢出（LOFT）攻擊就是利用這個漏洞，根據流量表超時規則傳送低速率攻擊流量，使交換器的流量表項目達到飽和，無法正常轉送流量 [14]。另一種常見的資料平面攻擊是交換器欺騙 [15]。由於資料平面交換器沒有識別控制器流量表的能力，攻擊者可以傳送惡意流量表項目來修改交換器的 IP 位址。當控制器嘗試使用 IP 位址連線至交換器時，惡意交換器就會冒充 IP 位址與控制器通訊，導致控制器與合法交換器失去連線，並擾亂網路可用性。
• Control plane DDoS attack. When a switch processes packets that do not match its flow table entries, it sends a Packet In message to the controller in order to retrieve the corresponding flow table information. Attackers inject a large number of invalid packets, causing the switch to send numerous Packet In messages to the controller. This action consumes controller resources and achieves the goal of saturating the controller with a DDoS attack.
  控制平面 DDoS 攻擊。當交換器處理與流量表項目不符的封包時，它會傳送 Packet In 訊息到控制器，以擷取對應的流量表資訊。攻擊者注入大量無效封包，導致交換器向控制器傳送大量 Packet In 訊息。此動作會消耗控制器資源，並達到 DDoS 攻擊使控制器飽和的目的。
• Application plane DDoS attacks. Application plane DDoS attacks exploit the weak access control mechanism of SDN [7]. Applications with design flaws can create a large number of threads, which can consume memory resources or deplete the bandwidth resources of northbound interfaces. Malicious applications can simultaneously consume controller resources by generating a large number of resource-intensive requests. Traditional application plane attacks, such as HTTP Flood and DNS Flood attacks, are also major DDoS attack methods in SDN.
  應用平面 DDoS 攻擊。應用平面 DDoS 攻擊利用 SDN 薄弱的存取控制機制 [7]。存在設計缺陷的應用程式會產生大量線程，進而消耗記憶體資源或耗盡北向介面的頻寬資源。惡意應用程式可透過產生大量資源密集型請求，同時消耗控制器資源。傳統的應用程式平面攻擊，例如 HTTP Flood 和 DNS Flood 攻擊，也是 SDN 中主要的 DDoS 攻擊方式。

4. DDoS Attack Detection Technology in SDN
4.SDN 中的 DDoS 攻擊偵測技術

4.1. Statistical Analysis-Based DDoS Attack Detection Technology
4.1.以統計分析為基礎的 DDoS 攻擊偵測技術

4.1.1. Information Entropy-Based DDoS Attack Detection Technology
4.1.1.基於資訊熵的 DDoS 攻擊偵測技術

4.1.2. Traffic Statistics-Based DDoS Attack Detection Technology
4.1.2.基於流量統計的 DDoS 攻擊偵測技術

4.2. Machine Learning-Based DDoS Attack Detection Technology
4.2.基於機器學習的 DDoS 攻擊偵測技術

4.3. Deep Learning-Based DDoS Attack Detection Technology
4.3.基於深度學習的 DDoS 攻擊偵測技術

4.4. Hybrid Detection Technology
4.4.混合偵測技術

5. DDoS Attack Mitigation Techniques in SDN
5.SDN 中的 DDoS 攻擊緩解技術

5.1. Policy-Based DDoS Attack Mitigation Techniques
5.1.政策式 DDoS 攻擊減緩技術

Implementing forwarding policies in switches and controllers, as well as controlling traffic forwarding, filtering, dropping, rate limiting, and redirecting packets, are widely employed techniques for mitigating DDoS attacks. Figure 2 illustrates commonly used policy-based DDoS attack mitigation methods.
在交換器和控制器中實施轉送政策，以及控制流量轉送、過濾、丟失、速率限制和封包重定向，是廣泛使用的 DDoS 攻擊緩解技術。圖 2 說明常用的政策式 DDoS 攻擊緩解方法。

5.2. Moving Target Defense Technology
5.2.移動目標防禦技術

5.2.1. Port Address Hopping-Based Defense Technology
5.2.1.以埠位址跳躍為基礎的防禦技術

5.2.2. Other Moving Target Defense Technology
5.2.2.其他移動目標防禦技術

6. Experiment Environment Analysis of the Literature
6.實驗環境文獻分析

6.1. SDN Simulator and Controller
6.1.SDN 模擬器與控制器

6.2. DDoS Traffic Generation Tools and Datasets
6.2.DDoS 流量產生工具與資料集

7. Research Challenges and Gap
7.研究挑戰與差距

• Application plane security. At present, most DDoS attack detection methods are deployed on the SDN control plane and data plane, neglecting security detection on the application plane. In fact, the security of the northbound interface of the SDN control plane also plays a crucial role in the normal operation of the SDN. Due to the openness and flexibility of SDN, there is a lack of strict access control, identity authentication, and abnormal detection mechanisms in the application layer. Attackers can launch a high volume of API calls within a short timeframe using malicious applications, resulting in controller crashes and the complete paralysis of the entire
  應用平面安全。目前，大多數 DDoS 攻擊偵測方法都部署在 SDN 控制平面與資料平面，忽略了應用平面的安全偵測。事實上，SDN 控制平面北向介面的安全性對 SDN 的正常運作也扮演著關鍵的角色。由於 SDN 的開放性和靈活性，在應用層缺乏嚴格的存取控制、身分認證和異常偵測機制。攻擊者可以利用惡意的應用程式，在短時間內啟動大量的 API 呼叫，導致控制器當機，整個系統完全癱瘓。
  network. Therefore, strengthening the security of the SDN application layer is also an important measure to defend against DDoS attacks.
  網路。因此，加強 SDN 應用層的安全性也是防禦 DDoS 攻擊的重要措施。
• Real network scenarios and load balance. In real-world scenarios, SDN architecture inevitably faces synchronization and load-balancing issues caused by multi-controller systems. Currently, most research is based on simulation experiments of singlecontroller SDN systems. In real SDN deployments, a single controller system is unreliable. In a multi-controller system, the traffic of switches is distributed among various switches, which poses difficulties for DDoS attack detection. On one hand, DDoS attacks are more covert due to dispersed traffic, requiring more targeted detection thresholds. On the other hand, SDN with multiple controllers also needs to consider load balancing, distributing traffic evenly among different controllers to prevent being mistaken for an attack due to heavy load on a single controller. Wang et al. [111] deployed a DDoS attack defense scheme in a multi-controller system but did not consider the synchronization strategy of multiple controllers. The problem of effectively allocating resources, achieving load balancing, and synchronizing flow table information from multiple controllers is a challenge that SDN security policy deployment needs to address.
  真實網路情境與負載平衡。在現實世界的情境中，SDN 架構無可避免地面臨多控制器系統所造成的同步與負載平衡問題。目前，大部分研究都是基於單控制器 SDN 系統的模擬實驗。在實際的 SDN 部署中，單一控制器系統是不可靠的。在多控制器系統中，交換器的流量分散在不同的交換器上，這對 DDoS 攻擊偵測造成困難。一方面，DDoS 攻擊因流量分散而更具隱蔽性，需要更具針對性的偵測臨界值。另一方面，多控制器的 SDN 也需要考慮負載平衡，將流量平均分配到不同的控制器，避免因單一控制器負載過重而被誤判為攻擊。Wang 等人[111]在多控制器系統中部署了 DDoS 攻擊防禦方案，但沒有考慮多控制器的同步策略。如何有效分配資源、達成負載平衡，以及同步多個控制器的流量表資訊，是 SDN 安全策略部署需要解決的難題。
• Network information synchronization. Network information synchronization is the core issue of DDoS dynamic defense methods. If the synchronization of the sender and receiver information cannot be guaranteed during the information hopping process, it impacts network availability. The commonly used synchronization methods at present are time-based synchronization methods and protocol-based synchronization methods [112]. Time-based synchronization methods are affected by network latency and time accuracy, making it difficult to achieve accurate information synchronization. The protocol-based synchronization method requires prior communication negotiation and confirmation between the parties involved in the communication. However, this method is susceptible to replay attacks and tampering, which can disrupt the synchronization of network information jumps. Security research on information synchronization methods for dynamic defense is also a research direction.
  網路資訊同步。網路資訊同步是 DDoS 動態防禦方法的核心問題。如果在資訊跳躍的過程中，無法保證傳送者與接收者資訊的同步性，就會影響網路的可用性。目前常用的同步方法有基於時間的同步方法和基於通訊協定的同步方法[112]。基於時間的同步方法會受到網路延遲和時間精確度的影響，難以達到精確的資訊同步。基於通訊協定的同步方法需要參與通訊的各方事先進行通訊協商和確認。然而，此方法容易受到重播攻擊和竄改，會破壞網路資訊跳轉的同步性。動態防禦的資訊同步方法安全研究也是一個研究方向。
• Distinguishing between DDoS attacks and flash events. In a real network, there are often multiple legitimate users accessing the network simultaneously, which can lead to flash events. During these events, the website server is unable to provide normal services [113]. Unlike DDoS attacks, this event is caused by a surge in network traffic from legitimate users and cannot be prevented solely through DDoS attack defense strategies. Luo et al. [114] introduced methods to distinguish and detect flash events and $\mathrm{DDoS}$$\mathrm{DDoS}$DDoS\operatorname{DDoS} attacks, along with a dataset for detection. Sun et al. [64] proposed a method for detecting flow feature-based DDoS attacks and discriminating flash events in SDN. At present, it is also an urgent problem to distinguish between DDoS attacks and flash events in SDN and adopt different mitigation strategies to avoid affecting the legitimate use of the network by normal users.
  區分 DDoS 攻擊和閃爍事件。在真實網路中，通常會有多個合法使用者同時存取網路，這可能會導致閃光事件。在這些事件中，網站伺服器無法提供正常服務 [113]。與 DDoS 攻擊不同的是，此事件是由合法使用者的網路流量激增所造成，無法單靠 DDoS 攻擊防禦策略來預防。Luo 等人[114] 介紹了區別和偵測快閃事件與 $\mathrm{DDoS}$$\mathrm{DDoS}$DDoS\operatorname{DDoS} 攻擊的方法，以及偵測的資料集。Sun 等人[64]提出了一種偵測 SDN 中基於流量特徵的 DDoS 攻擊和區別閃爍事件的方法。目前，如何區分 SDN 中的 DDoS 攻擊與 flash 事件，並採取不同的緩解策略，避免影響正常使用者對網路的合法使用，也是一個急需解決的問題。
• Adaptive DDoS attack defense. Attackers often adapt their attack methods based on the intelligence gathered in the early stages to evade network defenses and detection methods. Studying adaptive attack detection mechanisms for DDoS attacks in SDN has become an important topic. Based on statistical information for detecting DDoS attack methods, dynamic detection thresholds are set according to the actual network traffic size and attack methods in order to reduce false alarm rates. They minimize the impact on network availability while ensuring accurate detection. In machine learning detection methods, selecting traffic features based on attack types helps train the model for detection. This approach reduces model complexity while improving accuracy [115]. The currently commonly used method is to combine lightweight identification methods with heavyweight detection algorithms to efficiently and accurately detect and identify DDoS attacks. In dynamic defense methods, the selection of the information jump space and period also requires an adaptive adjustment in order to achieve an adaptive information jump. At present, research is focused on achieving
  適應性 DDoS 攻擊防禦。攻擊者通常會根據前期收集到的情報調整攻擊方法，以躲避網路防禦和偵測方法。研究 SDN 中 DDoS 攻擊的適應性攻擊偵測機制已成為重要課題。以偵測 DDoS 攻擊方式的統計資訊為基礎，根據實際網路流量大小和攻擊方式設定動態偵測臨界值，以降低誤報率。這些方法在確保精確偵測的同時，將對網路可用性的影響降至最低。在機器學習偵測方法中，根據攻擊類型選擇流量特徵有助於訓練偵測模型。此方法可降低模型複雜度，同時提高精確度 [115]。目前常用的方法是結合輕量級的識別方法與重量級的偵測演算法，以有效且精確地偵測與識別 DDoS 攻擊。在動態防禦方法中，資訊跳躍空間與週期的選擇也需要自適應調整，才能達到資訊跳躍的自適應性。目前，研究的重點在於實現
  network adaptive DDoS attack detection and minimizing the impact on network availability. This involves developing DDoS defense measures that target various attack methods and scales.
  網路自適應 DDoS 攻擊偵測，並將對網路可用性的影響降至最低。這包括開發針對各種攻擊方法和規模的 DDoS 防禦措施。
• Protocol security. At present, there is no clear industry standard for security in SDN network architecture. Although organizations such as the Open Network Foundation [116] and the European Telecommunications Standards Association [117] have established certain security standards, there are still no fully recognized security standards domestically and internationally. This lack of recognized standards also impacts the security of SDN. Kloti et al. [118] conducted a security analysis on the OpenFlow protocol and experimentally verified that attackers can easily perform sniffing and DoS attacks on devices that deploy OpenFlow. In response to vulnerabilities in the SDN communication protocol, attackers can also compromise SDN security through methods such as man-in-the-middle attacks and spoofing attacks. Therefore, establishing security protocol standards is also an important measure to defend against DDoS attacks and ensure the security of SDN.
  通訊協定安全性。目前，SDN 網路架構的安全性並沒有明確的業界標準。雖然開放網路基金會 (Open Network Foundation) [116] 和歐洲電信標準協會 (European Telecommunications Standards Association) [117] 等組織已建立某些安全標準，但國內和國際上仍沒有完全公認的安全標準。缺乏公認的標準也會影響 SDN 的安全性。Kloti 等人[118]針對 OpenFlow 通訊協定進行安全分析，實驗驗證攻擊者可以輕易對部署 OpenFlow 的裝置進行嗅探（sniffing）與 DoS 攻擊。針對 SDN 通訊協定中的漏洞，攻擊者也可以透過中間人攻擊 (man-in-the-middle attack) 和詐欺攻擊 (spoofing attack) 等方法，危害 SDN 的安全性。因此，建立安全通訊協定標準也是防禦 DDoS 攻擊、確保 SDN 安全性的重要措施。

8. Conclusions  8.結論

References  參考資料

1. Chen, J.; Zheng, X.; Rong, C. Survey on software-defined networking. In Proceedings of the Second International Conference on Cloud Computing and Big Data in Asia, Huangshan, China, 17-19 June 2015; Springer: Cham, Switzerland, 2015; pp. 115-124.
   Chen, J.; Zheng, X.; Rong, C. Survey on software-defined networking.In Proceedings of the Second International Conference on Cloud Computing and Big Data in Asia, Huangshan, China, 17-19 June 2015; Springer：Cham, Switzerland, 2015; pp.
2. Scott-Hayward, S.; Natarajan, S.; Sezer, S. A Survey of Security in Software Defined Networks. IEEE Commun. Surv. Tutor. 2016, 18, 623-654. [CrossRef]
   Scott-Hayward, S.; Natarajan, S.; Sezer, S. A Survey of Security in Software Defined Networks.IEEE Commun.Surv.Tutor.2016, 18, 623-654.[CrossRef] (英文)
3. Ubale, T.; Jain, A.K. Survey on DDoS attack techniques and solutions in software-defined network. In Handbook of Computer Networks and Cyber Security; Springer: Cham, Switzerland, 2020; pp. 389-419.
   Ubale, T.; Jain, A.K. Survey on DDoS attack techniques and solutions in software-defined network.In Handbook of Computer Networks and Cyber Security; Springer：Cham, Switzerland, 2020; pp.
4. Mittal, M.; Kumar, K.; Behal, S. Deep learning approaches for detecting DDoS attacks: A systematic review. Soft Comput. 2023, 27, 13039-13075. [CrossRef]
   Mittal, M.; Kumar, K.; Behal, S. Deep learning approaches for detecting DDoS attacks：系統回顧。Soft Comput.2023, 27, 13039-13075.[CrossRef]。
5. Ali, T.E.; Chong, Y.W.; Manickam, S. Machine Learning Techniques to Detect a DDoS Attack in SDN: A Systematic Review. Appl. Sci. 2023, 13, 3183. [CrossRef]
   Ali, T.E.; Chong, Y.W.; Manickam, S. Machine Learning Techniques to Detect a DDoS Attack in SDN：A Systematic Review.應用科學 2023，13，3183。[CrossRef] (英文)
6. Karnani, S.; Shakya, H.K. Mitigation strategies for distributed denial of service (DDoS) in SDN: A survey and taxonomy. Inf. Secur. J. Glob. Perspect. 2023, 32, 444-468. [CrossRef]
   Karnani, S.; Shakya, H.K. Mitigation strategies for distributed denial of service (DDoS) in SDN：調查與分類。Inf.Secur.J. Glob.Perspect.2023, 32, 444-468.[CrossRef] (英文)
7. Kaur, S.; Kumar, K.; Aggarwal, N.; Singh, G. A comprehensive survey of DDoS defense solutions in SDN: Taxonomy, research challenges, and future directions. Comput. Secur. 2021, 110, 102423. [CrossRef]
   Kaur, S.; Kumar, K.; Aggarwal, N.; Singh, G. SDN 中 DDoS 防禦解決方案的綜合調查：分類、研究挑戰與未來方向。Comput.Secur.2021, 110, 102423.[CrossRef] (英文)
8. Behal, S.; Singh, J. Detection and Mitigation of DDoS attacks in SDN: A Comprehensive Review, Research Challenges and Future Directions. Comput. Sci. Rev. 2020, 37, 100279.
   Behal, S.; Singh, J. Detection and Mitigation of DDoS attacks in SDN：全面回顧、研究挑戰與未來方向。Comput.Sci. Rev. 2020, 37, 100279.
9. Maleh, Y.; Qasmaoui, Y.; El Gholami, K.; Sadqi, Y.; Mounir, S. A comprehensive survey on SDN security: Threats, mitigations, and future directions. J. Reliab. Intell. Environ. 2023, 9, 201-239. [CrossRef]
   Maleh, Y.; Qasmaoui, Y.; El Gholami, K.; Sadqi, Y.; Mounir, S. A comprehensive survey on SDN security：威脅、緩解措施與未來方向。J. Reliab.Intell.環境。2023, 9, 201-239.[CrossRef］
10. Ahmad, S.; Mir, A.H. SDN Interfaces: Protocols, Taxonomy and Challenges. Int. J. Wirel. Microwave Technol. 2022, 12, 11-32. [CrossRef]
    Ahmad, S.; Mir, A.H. SDN 介面：通訊協定、分類與挑戰。Int.J. Wirel.微波技術。2022, 12, 11-32.[CrossRef] (英文)
11. Alhijawi, B.; Almajali, S.; Elgala, H.; Salameh, H.B.; Ayyash, M. A survey on DoS/DDoS mitigation techniques in SDNs: Classification, comparison, solutions, testing tools and datasets. Comput. Electr. Eng. 2022, 99, 107706. [CrossRef]
    Alhijawi, B.; Almajali, S.; Elgala, H.; Salameh, H.B.; Ayyash, M. A survey on DoS/DDoS mitigation techniques in SDNs：分類、比較、解決方案、測試工具和資料集。Comput.Comput.2022, 99, 107706.[CrossRef]。
12. Patwardhan, A.; Jayarama, D.; Limaye, N.; Vidhale, S.; Parekh, Z.; Harfoush, K. SDN Security: Information disclosure and flow table overflow attacks. In Proceedings of the 2019 IEEE Global Communications Conference (GLOBECOM), Waikoloa, HI, USA, 9-13 December 2019; IEEE: New York, NY, USA, 2019; pp. 1-6.
    Patwardhan, A.; Jayarama, D.; Limaye, N.; Vidhale, S.; Parekh, Z.; Harfoush, K. SDN 安全：資訊揭露與流量表溢出攻擊。In Proceedings of the 2019 IEEE Global Communications Conference (GLOBECOM), Waikoloa, HI, USA, 9-13 December 2019; IEEE: New York, NY, USA, 2019; pp.
13. Cao, J.; Xu, M.; Li, Q.; Sun, K.; Yang, Y.; Zheng, J. Disrupting SDN via the data plane: A low-rate flow table overflow attack. In Proceedings of the International Conference on Security and Privacy in Communication Systems, Niagara Falls, ON, Canada, 22-25 October 2017; Springer: Cham, Switzerland, 2017; pp. 356-376.
    Cao, J.; Xu, M.; Li, Q.; Sun, K.; Yang, Y.; Zheng, J. Disrupting SDN via the data plane：低速率流量表溢出攻擊。In Proceedings of the International Conference on Security and Privacy in Communication Systems, Niagara Falls, ON, Canada, 22-25 October 2017; Springer：Cham, Switzerland, 2017; pp.
14. Dover, J.M. A Denial of Service Attack against the Open Floodlight SDN Controller; Dover Networks LCC.: Edgewater, MD, USA, 2013.
15. Rauf, B.; Abbas, H.; Usman, M.; Zia, T.A.; Iqbal, W.; Abbas, Y.; Afzal, H. Application Threats to Exploit Northbound Interface Vulnerabilities in Software Defined Networks. ACM Comput. Surv. 2021, 54, 1-36. [CrossRef]
    Rauf, B.; Abbas, H.; Usman, M.; Zia, T.A.; Iqbal, W.; Abbas, Y.; Afzal, H. Application Threats to Exploit Northbound Interface Vulnerabilities in Software Defined Networks.ACM Comput.Surv.2021, 54, 1-36.[CrossRef] (英文)
16. Yadav, S.K.; Suguna, P.; Velusamy, R.L. Entropy based mitigation of Distributed-Denial-of-Service (DDoS) attack on Control Plane in Software-Defined-Network (SDN). In Proceedings of the 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT), Kanpur, India, 6-8 July 2019; IEEE: New York, NY, USA, 2019; pp. 1-7.
    Yadav, S.K.; Suguna, P.; Velusamy, R.L. Entropy based mitigation of Distributed-Denial-of-Service (DDoS) attack on Control Plane in Software-Defined-Network (SDN).In Proceedings of the 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT), Kanpur, India, 6-8 July 2019; IEEE: New York, NY, USA, 2019; pp.
17. Ahalawat, A.; Dash, S.S.; Panda, A.; Babu, K.S. Entropy based DDoS detection and mitigation in OpenFlow enabled SDN. In Proceedings of the 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN), Vellore, India, 30-31 March 2019; IEEE: New York, NY, USA, 2019; pp. 1-5.
    Ahalawat, A.; Dash, S.S.; Panda, A.; Babu, K.S. Entropy based DDoS detection and mitigation in OpenFlow enabled SDN.In Proceedings of the 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN), Vellore, India, 30-31 March 2019; IEEE: New York, NY, USA, 2019; pp.
18. Carvalho, R.N.; Bordim, J.L.; Alchieri EA, P. Entropy-based DoS attack identification in SDN. In Proceedings of the 2019 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), Rio de Janeiro, Brazil, 20-24 May 2019; IEEE: New York, NY, USA, 2019; pp. 627-634.
    Carvalho, R.N.; Bordim, J.L.; Alchieri EA, P. SDN 中基於熵的 DoS 攻擊識別。In Proceedings of the 2019 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), Rio de Janeiro, Brazil, 20-24 May 2019; IEEE: New York, NY, USA, 2019; pp.
19. Hemmati, Z.; Mirjalily, G.; Mohtajollah, Z. Entropy-based DDoS Attack Detection in SDN using Dynamic Threshold. In Proceedings of the 2021 7th International Conference on Signal Processing and Intelligent Systems (ICSPIS), Tehran, Iran, 29-30 December 2021; IEEE: New York, NY, USA, 2021; pp. 1-5.
    Hemmati, Z.; Mirjalily, G.; Mohtajollah, Z. Entropy-based DDoS Attack Detection in SDN using Dynamic Threshold.In Proceedings of the 2021 7th International Conference on Signal Processing and Intelligent Systems (ICSPIS), Tehran, Iran, 29-30 December 2021; IEEE: New York, NY, USA, 2021; pp.
20. Ujjan RM, A.; Pervez, Z.; Dahal, K.; Khan, W.A.; Khattak, A.M.; Hayat, B. Entropy based features distribution for anti-DDoS model in SDN. Sustainability 2021, 13, 1522. [CrossRef]
    Ujjan RM, A.; Pervez, Z.; Dahal, K.; Khan, W.A.; Khattak, A.M.; Hayat, B. Entropy based features distribution for anti-DDoS model in SDN.Sustainability 2021, 13, 1522.[CrossRef] (英文)
21. Tao, L.; Sheng, Y. DDoS attack detection and recognition based on cross entropy in SDN environment. Comput. Appl. Softw. 2018, 38, 328-333.
    在 SDN 環境中基於交叉熵的 DDoS 攻擊偵測與識別。Comput.Appl.2018, 38, 328-333.
22. Kalkan, K.; Altay, L.; Gür, G.; Alagöz, F. JESS: Joint entropy-based DDoS defense scheme in SDN. IEEE J. Sel. Areas Commun. 2018, 36, 2358-2372. [CrossRef]
    Kalkan, K.; Altay, L.; Gür, G.; Alagöz, F. JESS：SDN 中基於聯合熵的 DDoS 防禦方案。IEEE J. Sel.Areas Commun.2018, 36, 2358-2372.[CrossRef].
23. Xuanyuan, M.; Ramsurrun, V.; Seeam, A. Detection and mitigation of DDoS attacks using conditional entropy in software-defined networking. In Proceedings of the 2019 11th International Conference on Advanced Computing (ICoAC), Chennai, India, 18-20 December 2019; IEEE: New York, NY, USA, 2019; pp. 66-71.
    Xuanyuan, M.; Ramsurrun, V.; Seeam, A. Detection and mitigation of DDoS attacks using conditional entropy in software-defined networking.In Proceedings of the 2019 11th International Conference on Advanced Computing (ICoAC), Chennai, India, 18-20 December 2019; IEEE: New York, NY, USA, 2019; pp.
24. Li, R.; Wu, B. Early detection of DDoS based on $\phi$$\phi$varphi\varphi-entropy in SDN networks. In Proceedings of the 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC), Chongqing, China, 12-14 June 2020; IEEE: New York, NY, USA, 2020; Volume 1, pp. 731-735.
    Li, R.; Wu, B. 基於 SDN 網路中 $\phi$$\phi$varphi\varphi -熵的 DDoS 早期偵測。In Proceedings of the 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC), Chongqing, China, 12-14 June 2020; IEEE: New York, NY, USA, 2020; Volume 1, pp.
25. Kalkan, K.; Gür, G.; Alagöz, F. SDNScore: A statistical defense mechanism against DDoS attacks in SDN environment. In Proceedings of the 2017 IEEE Symposium on Computers and Communications (ISCC), Heraklion, Greece, 3-6 July 2017; IEEE: New York, NY, USA, 2017; pp. 669-675.
    Kalkan, K.; Gür, G.; Alagöz, F. SDNScore：針對 SDN 環境中 DDoS 攻擊的統計防禦機制。In Proceedings of the 2017 IEEE Symposium on Computers and Communications (ISCC), Heraklion, Greece, 3-6 July 2017; IEEE: New York, NY, USA, 2017; pp.
26. Fouladi, R.F.; Ermiş, O.; Anarim, E. A DDoS attack detection and defense scheme using time-series analysis for SDN. J. Inf. Secur. Appl. 2020, 54, 102587. [CrossRef]
    Fouladi, R.F.; Ermiş, O.; Anarim, E. 使用 SDN 時間序列分析的 DDoS 攻擊偵測與防禦方案。J. Inf.Secur.2020, 54, 102587.[CrossRef] (英文)
27. Shohani, R.B.; Mostafavi, S.; Hakami, V. A statistical model for early detection of DDoS attacks on random targets in SDN. Wirel. Pers. Comтип. 2021, 120, 379-400. [CrossRef]
    Shohani, R.B.; Mostafavi, S.; Hakami, V. A statistical model for early detection of DDoS attacks on random targets in SDN.Wirel.Pers.Comтип.2021, 120, 379-400.[CrossRef] (英文)
28. Wang, M.H.; Wu, S.Y.; Yen, L.H.; Yen, L.H.; Tseng, C.C. PathMon: Path-specific traffic monitoring in OpenFlow-enabled networks. In Proceedings of the 2016 Eighth International Conference on Ubiquitous and Future Networks (ICUFN), Vienna, Austria, 5-8 July 2016; IEEE: New York, NY, USA, 2016; pp. 775-780.
    Wang, M.H.; Wu, S.Y.; Yen, L.H.; Yen, L.H.; Tseng, C.C. PathMon：OpenFlow-enabled 網路中特定路徑的流量監控。In Proceedings of the 2016 Eighth International Conference on Ubiquitous and Future Networks (ICUFN), Vienna, Austria, 5-8 July 2016; IEEE: New York, NY, USA, 2016; pp.
29. Sahay, R.; Blanc, G.; Zhang, Z.; Debar, H. ArOMA: An SDN based autonomic DDoS mitigation framework. Comput. Secur. 2017, 70, 482-499. [CrossRef]
    Sahay, R.; Blanc, G.; Zhang, Z.; Debar, H. ArOMA：基於 SDN 的自主式 DDoS 緩解框架。Comput.Secur.2017, 70, 482-499.[CrossRef]。
30. Yuhua, X.; Zhixin, S. Research progress in abnormal traffic detection in software-defined networks. J. Softw. 2020, 31, 183-207. Available online: http:/ /www.jos.org.cn/1000%E2% $\mathrm{\%}80\mathrm{\%}939825/5879.htm$$\mathrm{\%}80\mathrm{\%}939825/5879.htm$%80%939825//5879.htm\% 80 \% 939825 / 5879 . h t m (accessed on 6 November 2019).
    Yuhua, X.; Zhixin, S. 軟體定義網路中異常流量偵測的研究進展.J. Softw.2020, 31, 183-207.線上提供：http：//www.jos.org.cn/1000%E2% $\mathrm{\%}80\mathrm{\%}939825/5879.htm$$\mathrm{\%}80\mathrm{\%}939825/5879.htm$%80%939825//5879.htm\% 80 \% 939825 / 5879 . h t m (於 2019 年 11 月 6 日存取)。
31. Kokila, R.T.; Selvi, S.T.; Govindarajan, K. DDoS detection and analysis in SDN-based environment using support vector machine classifier. In Proceedings of the 2014 Sixth International Conference on Advanced Computing (ICoAC), Chennai, India, 17-19 December 2014; IEEE: New York, NY, USA, 2014; pp. 205-210.
    Kokila, R.T.; Selvi, S.T.; Govindarajan, K. DDoS detection and analysis in SDN-based environment using support vector machine classifier.In Proceedings of the 2014 Sixth International Conference on Advanced Computing (ICoAC), Chennai, India, 17-19 December 2014; IEEE: New York, NY, USA, 2014; pp.
32. Mehr, S.Y.; Ramamurthy, B. An SVM based DDoS attack detection method for Ryu SDN controller. In Proceedings of the 15th International Conference on Emerging Networking Experiments and Technologies, Orlando, FL, USA, 9-12 December 2019; pp. 72-73.
    Mehr, S.Y.; Ramamurthy, B. An SVM based DDoS attack detection method for Ryu SDN controller.In Proceedings of the 15th International Conference on Emerging Networking Experiments and Technologies, Orlando, FL, USA, 9-12 December 2019; pp.
33. Ye, J.; Cheng, X.; Zhu, J.; Feng, L.; Song, L. A DDoS attack detection method based on SVM in software defined network. Secur. Commun. Netw. 2018, 2018, 9804061. [CrossRef]
    Ye, J.; Cheng, X.; Zhu, J.; Feng, L.; Song, L. A DDoS attack detection method based on SVM in software defined network.Secur.Commun.Netw. 2018, 2018, 9804061.[CrossRef].
34. Zhao, J.; Zeng, P.; Shang, W.; Tong, G. DDoS attack detection based on one-class SVM in SDN. In Proceedings of the International Conference on Artificial Intelligence and Security, Hohhot, China, 17-20 July 2020; Springer: Singapore, 2020; pp. 189-200.
    Zhao, J.; Zeng, P.; Shang, W.; Tong, G. 在 SDN 中基於單類 SVM 的 DDoS 攻擊檢測。In Proceedings of the International Conference on Artificial Intelligence and Security, Hohhot, China, 17-20 July 2020; Springer：Singapore, 2020; pp.
35. Myint Oo, M.; Kamolphiwong, S.; Kamolphiwong, T.; Vasupongayya, S. Advanced support vector machine (ASVM) based detection for distributed denial of service (DDoS) attack on software defined networking (SDN). J. Comput. Netw. Commun. 2019, 2019, 8012568. [CrossRef]
    Myint Oo, M.; Kamolphiwong, S.; Kamolphiwong, T.; Vasupongayya, S. Advanced support vector machine (ASVM) based detection for distributed denial of service (DDoS) attack on software defined networking (SDN).J. Comput.Netw.Commun.2019, 2019, 8012568.[CrossRef].
36. Abdullahi Wabi, A.; Idris, I.; Mikail Olaniyi, O.; Joseph, A.; Surajudeen Adebayo, O. Modeling DDOS attacks in sdn and detection using random forest classifier. J. Cyber Secur. Technol. 2023, 1-14. [CrossRef]
    Abdullahi Wabi, A.; Idris, I.; Mikail Olaniyi, O.; Joseph, A.; Surajudeen Adebayo, O. Modeling DDOS attacks in sdn and detection using random forest classifier.J. Cyber Secur.Technol.2023, 1-14.[CrossRef]。
37. Santos, R.; Souza, D.; Santo, W.; Ribeiro, A.; Moreno, E. Machine learning algorithms to detect DDoS attacks in SDN. Concurr. Comput. Pract. Exp. 2020, 32, e5402. [CrossRef]
    Santos, R.; Souza, D.; Santo, W.; Ribeiro, A.; Moreno, E. Machine learning algorithms to detect DDoS attacks in SDN.Concurr.Comput.Pract.Exp. 2020, 32, e5402.[CrossRef] (英文)
38. Khashab, F.; Moubarak, J.; Feghali, A.; Bassil, C. DDoS attack detection and mitigation in SDN using machine learning. In Proceedings of the 2021 IEEE 7th International Conference on Network Softwarization (NetSoft), Tokyo, Japan, 28 June-2 July 2021; IEEE: New York, NY, USA, 2021; pp. 395-401.
    Khashab, F.; Moubarak, J.; Feghali, A.; Bassil, C. DDoS 攻擊偵測與緩解在 SDN 中使用機器學習。In Proceedings of the 2021 IEEE 7th International Conference on Network Softwarization (NetSoft), Tokyo, Japan, 28 June-2 July 2021; IEEE: New York, NY, USA, 2021; pp.
39. Dong, S.; Sarem, M. DDoS attack detection method based on improved KNN with the degree of DDoS attack in software-defined networks. IEEE Access 2019, 8, 5039-5048. [CrossRef]
    Dong, S.; Sarem, M. 軟體定義網路中基於改良 KNN 與 DDoS 攻擊程度的 DDoS 攻擊偵測方法。IEEE Access 2019, 8, 5039-5048.[CrossRef]
40. Latah, M.; Toker, L. Towards an efficient anomaly-based intrusion detection for software-defined networks. IET Netw. 2018, 7, 453-459. [CrossRef]
    Latah, M.; Toker, L. Towards an efficient anomaly-based intrusion detection for software-defined networks.IET Netw. 2018, 7, 453-459.[CrossRef]
41. Nam, T.M.; Phong, P.H.; Khoa, T.D.; Huong, T.T.; Nam, P.N.; Thanh, N.H.; Thang, L.X.; Tuan, P.A.; Dung, L.Q.; Loi, V.D. Selforganizing map-based approaches in DDoS flooding detection using SDN. In Proceedings of the 2018 International Conference on Information Networking (ICOIN), Chiang Mai, Thailand, 10-12 January 2018; IEEE: New York, NY, USA, 2018; pp. 249-254.
    Nam, T.M.; Phong, P.H.; Khoa, T.D.; Huong, T.T.; Nam, P.N.; Thanh, N.H.; Thang, L.X.; Tuan, P.A.; Dung, L.Q.; Loi, V.D. Selforganizing map-based approaches in DDoS flooding detection using SDN.In Proceedings of the 2018 International Conference on Information Networking (ICOIN), Chiang Mai, Thailand, 10-12 January 2018; IEEE: New York, NY, USA, 2018; pp.
42. Hnamte, V.; Balram, G. Implementation of Naive Bayes Classifier for Reducing DDoS Attacks in IoT Networks. J. Algebr. Stat. 2022, 13, 2749-2757.
    Hnamte, V.; Balram, G. Implementation of Naive Bayes Classifier for Reducing DDoS Attacks in IoT Networks.2022, 13, 2749-2757.
43. Nadeem, M.W.; Goh, H.G.; Ponnusamy, V.; Aun, Y. DDoS Detection in SDN using Machine Learning Techniques. Comput. Mater. Contin. 2022, 71, 1. [CrossRef]
    Nadeem, M.W.; Goh, H.G.; Ponnusamy, V.; Aun, Y. DDoS Detection in SDN using Machine Learning Techniques.Comput.Mater.Contin.2022, 71, 1. [CrossRef].
44. Alubaidan, H.; Alzaher, R.; AlQhatani, M.; Mohammed, R. DDoS Detection in Software-Defined Network (SDN) Using Machine Learning. Int. J. Cybern. Inform. 2023, 12, 93-104. [CrossRef]
    Alubaidan, H.; Alzaher, R.; AlQhatani, M.; Mohammed, R. DDoS Detection in Software-Defined Network (SDN) Using Machine Learning.Int.J. Cybern.Inform.2023, 12, 93-104.[CrossRef] (英文)
45. Wang, J.; Wang, L. SDN-Defend: A Lightweight Online Attack Detection and Mitigation System for DDoS Attacks in SDN. Sensors 2022, 22, 8287. [CrossRef] [PubMed]
    Wang, J.; Wang, L. SDN-Defend: A Lightweight Online Attack Detection and Mitigation System for DDoS Attacks in SDN.Sensors 2022, 22, 8287.[CrossRef] [PubMed] (英文)
46. Wang, J.; Wang, L.; Wang, R. A Method of DDoS Attack Detection and Mitigation for the Comprehensive Coordinated Protection of SDN Controllers. Entropy 2023, 25, 1210. [CrossRef]
    Wang, J.; Wang, L.; Wang, R. A Method of DDoS Attack Detection and Mitigation for the Comprehensive Coordinated Protection of SDN Controller.Entropy 2023, 25, 1210.[CrossRef] (英文)
47. Jmal, R.; Ghabri, W.; Guesmi, R.; Alshammari, B.M.; Alshammari, A.S.; Alsaif, H. Distributed Blockchain-SDN Secure IoT System Based on ANN to Mitigate DDoS Attacks. Appl. Sci. 2023, 13, 4953. [CrossRef]
    Jmal, R.; Ghabri, W.; Guesmi, R.; Alshammari, B.M.; Alshammari, A.S.; Alsaif, H. Distributed Blockchain-SDN Secure IoT System Based on ANN to Mitigate DDoS Attacks.Appl. Sci. 2023, 13, 4953.[CrossRef]
48. Priyadarshini, I.; Mohanty, P.; Alkhayyat, A.; Sharma, R.; Kumar, S. SDN and application layer DDoS attacks detection in IoT devices by attention-based Bi-LSTM-CNN. Trans. Emerg. Telecommun. Technol. 2023, 34, e4758. [CrossRef]
    Priyadarshini, I.; Mohanty, P.; Alkhayyat, A.; Sharma, R.; Kumar, S. SDN and application layer DDoS attacks detection in IoT devices by attention-based Bi-LSTM-CNN.Trans.Emerg.Telecommun.Technol.2023, 34, e4758.[CrossRef]
49. Li, C.; Wu, Y.; Yuan, X.; Sun, Z.; Wang, W.; Li, X.; Gong, L. Detection and defense of DDoS attack-based on deep learning in OpenFlow-based SDN. Int. J. Commun. Syst. 2018, 31, e3497. [CrossRef]
    Li, C.; Wu, Y.; Yuan, X.; Sun, Z.; Wang, W.; Li, X.; Gong, L. Detection and defense of DDoS attack based on deep learning in OpenFlow-based SDN.Int.J. Commun.Syst.2018, 31, e3497.[CrossRef].
50. Bastola, S.B.; Shakya, S.; Sharma, S. Distributed Denial of Service Attack Detection on Software Defined Networking Using Deep Learning. In Proceedings of the 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Udupi, India, 13-16 September 2017.
    Bastola, S.B.; Shakya, S.; Sharma, S. Distributed Denial of Service Attack Detection on Software Defined Networking Using Deep Learning.In Proceedings of the 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Udupi, India, 13-16 September 2017.
51. Makuvaza, A.; Jat, D.S.; Gamundani, A.M. Deep neural network (DNN) solution for real-time detection of distributed denial of service (DDoS) attacks in software defined networks (SDNs). SN Comput. Sci. 2021, 2, 1-10. [CrossRef]
    Makuvaza, A.; Jat, D.S.; Gamundani, A.M. Deep neural network (DNN) solution for real-time detection of distributed denial of service (DDoS) attacks in software defined networks (SDNs).SN Comput.2021, 2, 1-10.[CrossRef] (英文)
52. Zhao, J.; Xu, M.; Chen, Y.; Xu, G. A DNN Architecture Generation Method for DDoS Detection via Genetic Alogrithm. Future Internet 2023, 15, 122. [CrossRef]
    Zhao, J.; Xu, M.; Chen, Y.; Xu, G. A DNN Architecture Generation Method for DDoS Detection via Genetic Alogrithm.未來網路 2023, 15, 122.[CrossRef] (英文)
53. Al-Dunainawi, Y.; Al-Kaseem, B.R.; Al-Raweshidy, H.S. Optimized Artificial Intelligence Model for DDoS Detection in SDN Environment. IEEE Access 2023, 11, 106733-106748. [CrossRef]
    Al-Dunainawi, Y.; Al-Kaseem, B.R.; Al-Raweshidy, H.S. Optimized Artificial Intelligence Model for DDoS Detection in SDN Environment.IEEE Access 2023, 11, 106733-106748.[CrossRef].
54. Aslam, M.; Ye, D.; Tariq, A.; Asad, M.; Hanif, M.; Ndzi, D.; Chelloug, S.A.; Elaziz, M.A.; Al-Qaness, M.A.A.; Jilani, S.F. Adaptive Machine Learning Based Distributed Denial-of-Services Attacks Detection and Mitigation System for SDN-Enabled IoT. Sensors 2022, 22, 2697. [CrossRef]
    Aslam, M.; Ye, D.; Tariq, A.; Asad, M.; Hanif, M.; Ndzi, D.; Chelloug, S.A.; Elaziz, M.A.; Al-Qaness, M.A.A.; Jilani, S.F. Adaptive Machine Learning Based Distributed Denial-of-Services Attacks Detection and Mitigation System for SDN-Enabled IoT.Sensors 2022, 22, 2697.[CrossRef] (英文)
55. Zhijun, W.; Qing, X.; Jingjie, W.; Meng, Y.; Liang, L. Low-rate DDoS attack detection based on factorization machine in software defined network. IEEE Access 2020, 8, 17404-17418. [CrossRef]
    Zhijun, W.; Qing, X.; Jingjie, W.; Meng, Y.; Liang, L. Low-rate DDoS attack detection based on factorization machine in software defined network.IEEE Access 2020, 8, 17404-17418.[CrossRef] (英文)
56. Li, J.; Liu, Y.; Gu, L. DDoS attack detection based on neural network. In Proceedings of the 2010 2nd International Symposium on Aware Computing, Tainan, Taiwan, 1-4 November 2010; IEEE: New York, NY, USA, 2010; pp. 196-199.
    Li, J.; Liu, Y.; Gu, L. 基於神經網路的 DDoS 攻擊偵測。In Proceedings of the 2010 2nd International Symposium on Aware Computing, Tainan, Taiwan, 1-4 November 2010; IEEE: New York, NY, USA, 2010; pp.
57. Malik, J.; Akhunzada, A.; Bibi, I.; Imran, M.; Musaddiq, A.; Kim, S.W. Hybrid deep learning: An efficient reconnaissance and surveillance detection mechanism in SDN. IEEE Access 2020, 8, 134695-134706. [CrossRef]
    Malik, J.; Akhunzada, A.; Bibi, I.; Imran, M.; Musaddiq, A.; Kim, S.W. Hybrid deep learning：SDN 中的高效偵察與監控偵測機制。IEEE Access 2020, 8, 134695-134706.[CrossRef]。
58. Cui, Y.; Yan, L.; Li, S.; Xing, H.; Pan, W.; Zhu, J.; Zheng, X. SD-Anti-DDoS: Fast and efficient DDoS defense in software-defined networks. J. Netw. Comput. Appl. 2016, 68, 65-79. [CrossRef]
    Cui, Y.; Yan, L.; Li, S.; Xing, H.; Pan, W.; Zhu, J.; Zheng, X. SD-Anti-DDoS：軟體定義網路中快速有效的 DDoS 防禦。J. Netw.Comput.2016, 68, 65-79.[CrossRef] (英文)
59. Deepa, V.; Sivakumar, B. Detection of DDoS Attack using Multiple Kernel Level (MKL) Algorithm. In Proceedings of the 2022 International Conference on Innovative Trends in Information Technology (ICITIIT), Kottayam, India, 12-13 February 2022; IEEE: New York, NY, USA, 2022; pp. 1-5.
    Deepa, V.; Sivakumar, B. Detection of DDoS Attack using Multiple Kernel Level (MKL) Algorithm.In Proceedings of the 2022 International Conference on Innovative Trends in Information Technology (ICITIIT), Kottayam, India, 12-13 February 2022; IEEE: New York, NY, USA, 2022; pp.
60. Qi, N.; Wang, W.; Xiao, M.; Jia, L.; Tsiftsis, T. A Learning-Based Spectrum Access Stackelberg Game: Friendly Jammer-Assisted Communication Confrontation. IEEE Trans. Veh. Technol. 2021, 70, 700-713. [CrossRef]
    Qi, N.; Wang, W.; Xiao, M.; Jia, L.; Tsiftsis, T. A Learning-Based Spectrum Access Stackelberg Game：友好干擾器輔助通信對抗。IEEE Trans.Veh.Technol.2021, 70, 700-713.[CrossRef] (英文)
61. Jia, L.; Xu, Y.; Sun, Y.; Feng, S.; Anpalagan, A. Stackelberg Game Approaches for Anti-Jamming Defence in Wireless Networks. IEEE Wirel. Commun. 2018, 25, 120-128. [CrossRef]
    Jia, L.; Xu, Y.; Sun, Y.; Feng, S.; Anpalagan, A. Stackelberg Game Approaches for Anti-Jamming Defence in Wireless Networks.IEEE Wirel.Commun.2018, 25, 120-128.[CrossRef] (英文)
62. Yao, R.; Zhang, Y.; Wang, S.; Qi, N.; Miridakis, N.I.; Tsiftsis, T.A. Deep Neural Network Assisted Approach for Antenna Selection in Untrusted Relay Networks. IEEE Wirel. Commun. Lett. 2019, 8, 1644-1647. [CrossRef]
    Yao, R.; Zhang, Y.; Wang, S.; Qi, N.; Miridakis, N.I.; Tsiftsis, T.A. Deep Neural Network Assisted Approach for Antenna Selection in Untrusted Relay Networks.IEEE Wirel.IEEE Wirel.Lett. 2019, 8, 1644-1647.[CrossRef] (英文)
63. Hu, D.; Hong, P.; Chen, Y. FADM: DDoS flooding attack detection and mitigation system in software-defined networking. In Proceedings of the GLOBECOM 2017-2017 IEEE Global Communications Conference, Singapore, 4-8 December 2017; IEEE: New York, NY, USA, 2017; pp. 1-7.
    Hu, D.; Hong, P.; Chen, Y. FADM：軟體定義網路中的 DDoS 氾濫攻擊偵測與緩解系統。In Proceedings of the GLOBECOM 2017-2017 IEEE Global Communications Conference, Singapore, 4-8 December 2017; IEEE: New York, NY, USA, 2017; pp.
64. Guozi Sun Jiang, W.; Yu, G.U.; Danni, R.E.N.; Huakang, L.I. DDoS attacks and flash event detection based on flow characteristics in SDN. In Proceedings of the 2018 15th IEEE International Conference on Advanced Video and Signal Based Surveillance (AVSS), Auckland, New Zealand, 27-30 November 2018; IEEE: New York, NY, USA, 2018; pp. 1-6.
    Guozi Sun Jiang, W.; Yu, G.U.; Danni, R.E.N.; Huakang, L.I. DDoS 攻擊與 SDN 中基於流量特性的閃事件偵測。In Proceedings of the 2018 15th IEEE International Conference on Advanced Video and Signal Based Surveillance (AVSS), Auckland, New Zealand, 27-30 November 2018; IEEE: New York, NY, USA, 2018; pp.
65. Novaes, M.P.; Carvalho, L.F.; Lloret, J.; Proenca, M.L. Long short-term memory and fuzzy logic for anomaly detection and mitigation in software-defined network environment. IEEE Access 2020, 8, 83765-83781. [CrossRef]
    Novaes, M.P.; Carvalho, L.F.; Lloret, J.; Proenca, M.L. Long short-term memory and fuzzy logic for anomaly detection and mitigation in software-defined network environment.IEEE Access 2020, 8, 83765-83781.[CrossRef] (英文)
66. Banitalebi Dehkordi, A.; Soltanaghaei, M.R.; Boroujeni, F.Z. The DDoS attacks detection through machine learning and statistical methods in SDN. J. Supercomput. 2021, 77, 2383-2415. [CrossRef]
    Banitalebi Dehkordi, A.; Soltanaghaei, M.R.; Boroujeni, F.Z. The DDoS attacks detection through machine learning and statistical methods in SDN.J. Supercomput.2021, 77, 2383-2415.[CrossRef] (英文)
67. Long, Z.; Jinsong, W. A hybrid method of entropy and SSAE-SVM based DDoS detection and mitigation mechanism in SDN. Comput. Secur. 2022, 115, 102604. [CrossRef]
    Long, Z.; Jinsong, W. A hybrid method of entropy and SSAE-SVM based DDoS detection and mitigation mechanism in SDN.Comput.Secur.2022, 115, 102604.[CrossRef]。
68. Singh, A.K.; Jaiswal, R.K.; Abdukodir, K.; Muthanna, A. Ardefense: DDos detection and prevention using nfv and sdn. In Proceedings of the 2020 12th International Congress on Ultra Mod Ern Telecommunications and Control Systems and Workshops (ICUMT), Brno, Czech Republic, 5-7 October 2020; IEEE: New York, NY, USA, 2020; pp. 236-241. [CrossRef]
    Singh, A.K.; Jaiswal, R.K.; Abdukodir, K.; Muthanna, A. Ardefense：使用 nfv 和 sdn 檢測和預防 DDos。In Proceedings of the 2020 12th International Congress on Ultra Mod Ern Telecommunications and Control Systems and Workshops (ICUMT), Brno, Czech Republic, 5-7 October 2020; IEEE: New York, NY, USA, 2020; pp.[CrossRef] (英文)
69. Ali, A.; Yousaf, M.M. Novel three-tier intrusion detection and prevention system in software defined network. IEEE Access 2020, 8, 109662-109676. [CrossRef]
    Ali, A.; Yousaf, M.M. 軟體定義網路中的新型三層入侵偵測與防禦系統。IEEE Access 2020, 8, 109662-109676.[CrossRef] (英文)
70. Sarwar, M.A.; Hussain, M.; Anwar, M.U.; Ahmad, M. FlowJustifier: An optimized trust-based request prioritization approach for mitigation of SDN controller DDoS attacks in the IoT paradigm. In Proceedings of the 3rd International Conference on Future Networks and Distributed Systems, Paris, France, 1-2 July 2019; pp. 1-9.
    Sarwar, M.A.; Hussain, M.; Anwar, M.U.; Ahmad, M. FlowJustifier：物聯網範例中，用於緩解 SDN 控制器 DDoS 攻擊的最佳化信任式請求優先順序處理方法。In Proceedings of the 3rd International Conference on Future Networks and Distributed Systems, Paris, France, 1-2 July 2019; pp.
71. Deng, S.; Gao, X.; Lu, Z.; Li, Z.; Gao, X. DoS vulnerabilities and mitigation strategies in software-defined networks. J. Netw. Comput. Appl. 2019, 125, 209-219. [CrossRef]
    Deng, S.; Gao, X.; Lu, Z.; Li, Z.; Gao, X. DoS 漏洞與軟體定義網路的緩解策略。J. Netw.Comput.Appl. 2019, 125, 209-219.[CrossRef] (英文)
72. Ravi, N.; Shalinie, S.M.; Lal, C.; Conti, M. AEGIS: Detection and mitigation of TCP SYN flood on SDN controller. IEEE Trans. Netw. Serv. Manag. 2020, 18, 745-759. [CrossRef]
    Ravi, N.; Shalinie, S.M.; Lal, C.; Conti, M. AEGIS：SDN 控制器上 TCP SYN 氾濫的偵測與緩解。IEEE Trans.Netw.Serv.Manag.2020, 18, 745-759.[CrossRef]
73. Cao, Y.; Jiang, H.; Deng, Y.; Wu, J.; Zhou, P.; Luo, W. Detecting and mitigating ddos attacks in SDN using spatial-temporal graph convolutional network. IEEE Trans. Dependable Secur. Comput. 2021, 19, 3855-3872. [CrossRef]
    Cao, Y.; Jiang, H.; Deng, Y.; Wu, J.; Zhou, P.; Luo, W.. Detecting and mitigating ddos attacks in SDN using spatial-temporal graph convolutional network.IEEE Trans.Dependable Secur.Comput.2021, 19, 3855-3872.[CrossRef] (英文)
74. Wang, M.; Zhou, H.; Chen, J.; Tong, B. An approach for protecting the openflow switch from the saturation attack. In Proceedings of the 2015 4th National Conference on Electrical, Electronics and Computer Engineering, Xi’an, China, 12-13 December 2015; Atlantis Press: Dordrecht, The Netherlands, 2015.
    Wang, M.; Zhou, H.; Chen, J.; Tong, B. An approach for protecting the openflow switch from the saturation attack.In Proceedings of the 2015 4th National Conference on Electrical, Electronics and Computer Engineering, Xi'an, China, 12-13 December 2015; Atlantis Press：Dordrecht, The Netherlands, 2015.
75. Bawany, N.Z.; Shamsi, J.A. Seal: Sdn based secure and agile framework for protecting smart city applications from ddos attacks. J. Netw. Comput. Appl. 2019, 145, 102381. [CrossRef]
    Bawany, N.Z.; Shamsi, J.A. Seal：基於 Sdn 的安全敏捷框架，用於保護智慧城市應用程式免受 ddos 攻擊。J. Netw.Comput.Appl. 2019, 145, 102381.[CrossRef].
76. Yuan, B.; Zou, D.; Yu, S.; Jin, H.; Qiang, W.; Shen, J. Defending against flow table overloading attack in software-defined networks. IEEE Trans. Serv. Comput. 2016, 12, 231-246. [CrossRef]
    在軟體定義網路中防禦流量表超載攻擊。IEEE Trans.Serv.Comput.2016, 12, 231-246.[CrossRef] (英文)
77. Bhushan, K.; Gupta, B.B. Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment. J. Ambient. Intell. Humaniz. Comput. 2019, 10, 1985-1997. [CrossRef]
    Bhushan, K.; Gupta, B.B. Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment.J. Ambient.Intell.Humaniz.Comput.2019, 10, 1985-1997.[CrossRef] (英文)
78. Katta, N.; Alipourfard, O.; Rexford, J.; Walker, D. Infinite CacheFlow in software-defined networks. In Proceedings of the Third Workshop on Hot Topics in Software Defined Networking (HotSDN’14), Chicago, IL, USA, 22 August 2014; Association for Computing Machinery: New York, NY, USA, 2014; pp. 175-180.
    Katta, N.; Alipourfard, O.; Rexford, J.; Walker, D. 軟體定義網路中的 Infinite CacheFlow。In Proceedings of the Third Workshop on Hot Topics in Software Defined Networking (HotSDN'14), Chicago, IL, USA, 22 August 2014; Association for Computing Machinery：New York, NY, USA, 2014; pp.
79. Dang, V.T.; Huong, T.T.; Thanh, N.H.; Nam, P.N.; Thanh, N.N.; Marshall, A. Sdn-based synproxy-A solution to enhance performance of attack mitigation under tcp syn flood. Comput. J. 2019, 62, 518-534. [CrossRef]
    Dang, V.T.; Huong, T.T.; Thanh, N.H.; Nam, P.N.; Thanh, N.N.; Marshall, A. Sdn-based synproxy-A solution to enhance performance of attack mitigation under tcp syn flood.Comput.J. 2019, 62, 518-534.[CrossRef].
80. Pascoal, T.A.; Dantas, Y.G.; Fonseca, I.E.; Nigam, V. Slow TCAM exhaustion DDoS attack. In Proceedings of the IFIP International Conference on ICT Systems Security and Privacy Protection, Rome, Italy, 29-31 May 2017; Springer: Cham, Switzerland, 2017; pp. 17-31.
    Pascoal, T.A.; Dantas, Y.G.; Fonseca, I.E.; Nigam, V. Slow TCAM exhaustion DDoS attack.In Proceedings of the IFIP International Conference on ICT Systems Security and Privacy Protection, Rome, Italy, 29-31 May 2017; Springer：Cham, Switzerland, 2017; pp.
81. Ma, D.; $\mathrm{Xu},\mathrm{Z}$$\mathrm{Xu},\mathrm{Z}$Xu,Z\mathrm{Xu}, \mathrm{Z}.; Lin, D. Defending blind DDoS attack on SDN based on moving target defense. In Proceedings of the International Conference on Security and Privacy in Communication Networks, Beijing, China, 24-26 September 2014; Springer: Cham, Switzerland, 2014; pp. 463-480.
    Ma, D.; $\mathrm{Xu},\mathrm{Z}$$\mathrm{Xu},\mathrm{Z}$Xu,Z\mathrm{Xu}, \mathrm{Z} .; Lin, D. 基於移動目標防禦在 SDN 上防禦盲目 DDoS 攻擊。In Proceedings of the International Conference on Security and Privacy in Communication Networks, Beijing, China, 24-26 September 2014; Springer：Cham, Switzerland, 2014; pp.
82. Abou El Houda, Z.; Khoukhi, L.; Hafid, A.S. Bringing intelligence to software defined networks: Mitigating ddos attacks. IEEE Trans. Netw. Serv. Manag. 2020, 17, 2523-2535. [CrossRef]
    Abou El Houda, Z.; Khoukhi, L.; Hafid, A.S. Bringing intelligence to software defined networks：緩解 DDOS 攻擊。IEEE Trans.Netw.Serv.Manag.2020, 17, 2523-2535.[CrossRef]
83. Hong, G.C.; Lee, C.N.; Lee, M.F. Dynamic threshold for DDoS mitigation in SDN environment. In Proceedings of the 2019 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC), Lanzhou, China, 18-21 November 2019; IEEE: New York, NY, USA, 2019; pp. 1-7.
    Hong, G.C.; Lee, C.N.; Lee, M.F. Dynamic threshold for DDoS mitigation in SDN environment.In Proceedings of the 2019 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC), Lanzhou, China, 18-21 November 2019; IEEE: New York, NY, USA, 2019; pp.
84. Alamri, H.A.; Thayananthan, V. Bandwidth control mechanism and extreme gradient boosting algorithm for protecting softwaredefined networks against ddos attacks. IEEE Access 2020, 8, 194269-194288. [CrossRef]
    Alamri, H.A.; Thayananthan, V. Bandwidth control mechanism and extreme gradient boosting algorithm for protecting softwaredefined networks against ddos attacks.IEEE Access 2020, 8, 194269-194288.[CrossRef]
85. Wang, L.; Li, Q.; Jiang, Y.; Jia, X.; Wu, J. Woodpecker: Detecting and mitigating link-flooding attacks via sdn. Comput. Netw. 2018, 147, 1-13. [CrossRef]
    Wang, L.; Li, Q.; Jiang, Y.; Jia, X.; Wu, J. Woodpecker：透過 sdn 檢測和緩解鏈路灌水攻擊。Comput.Netw. 2018, 147, 1-13.[CrossRef].
86. Weizhen, L.; Hailong, L.; Kaiyu, H. End jump technology research review. Comput. Appl. Res. 2021, 38, 2251-2257. [CrossRef]
    Weizhen, L.; Hailong, L.; Kaiyu, H. End Jump Technology Research Review.Comput.2021, 38, 2251-2257.[CrossRef].
87. Atighetchi, M.; Pal, P.; Webber, F.; Jones, C. Adaptive use of network-centric mechanisms in cyber-defense. In Proceedings of the Sixth IEEE International Symposium on Object-Oriented Real-Time Distributed Computing, Hokkaido, Japan, 16 May 2003; IEEE: New York, NY, USA, 2003; pp. 183-192.
    Atighetchi, M.; Pal, P.; Webber, F.; Jones, C. Adaptive use of network-centric mechanisms in cyber-defense.In Proceedings of the Sixth IEEE International Symposium on Object-Oriented Real-Time Distributed Computing, Hokkaido, Japan, 16 May 2003; IEEE: New York, NY, USA, 2003; pp.
88. Leyi, S.; Chunfu, J.; Shuwang, L. Research on Active Network Protection Based on Terminal Information Jump. J. Commun. 2008, 2, 106-110.
    Leyi, S.; Chunfu, J.; Shuwang, L. 《基於終端資訊跳轉的主動網路保護研究》.J. Commun.2008, 2, 106-110.
89. Badishi, G.; Herzberg, A.; Keidar, I. Keeping denial-of-service attackers in the dark. IEEE Trans. Dependable Secur. Comput. 2007, 4, 191-204. [CrossRef]
    Badishi, G.; Herzberg, A.; Keidar, I. Keeping denial-of-service attackers in the dark.IEEE Trans.Dependable Secur.Comput.2007, 4, 191-204.[CrossRef] (英文)
90. Zhang, L.; Guo, Y.; Yuwen, H.; Wang, Y. A port hopping based dos mitigation scheme in SDN network. In Proceedings of the 2016 12th International Conference on Computational Intelligence and Security (CIS), Wuxi, China, 16-19 December 2016; IEEE: New York, NY, USA, 2016; pp. 314-317.
    Zhang, L.; Guo, Y.; Yuwen, H.; Wang, Y. A port hopping based dos mitigation scheme in SDN network.In Proceedings of the 2016 12th International Conference on Computational Intelligence and Security (CIS), Wuxi, China, 16-19 December 2016; IEEE: New York, NY, USA, 2016; pp.
91. Chowdhary, A.; Alshamrani, A.; Huang, D.; Liang, H. MTD analysis and evaluation framework in software defined network (MASON). In Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, Tempe, AZ, USA, 21 March 2018; pp. 43-48.
    Chowdhary, A.; Alshamrani, A.; Huang, D.; Liang, H. 軟體定義網路中的 MTD 分析與評估框架 (MASON)。In Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, Tempe, AZ, USA, 21 March 2018; pp.
92. Ziyu, Z.; Erdian, G.; Wei, L. Research on encryption-based port jump technology in software-defined network. Comput. Appl. Softw. 2017, 34, 322-328.
    Ziyu, Z.; Erdian, G.; Wei, L. 軟體定義網路中基於加密的連接埠跳轉技術研究。Comput.Appl.2017, 34, 322-328.
93. Sifalakis, M.; Schmid, S.; Hutchison, D. Network address hopping: A mechanism to enhance data protection for packet communications. In Proceedings of the IEEE International Conference on Communications, ICC 2005, Seoul, Republic of Korea, 16-20 May 2005; IEEE: New York, NY, USA, 2005; Volume 3, pp. 1518-1523.
    Sifalakis, M.; Schmid, S.; Hutchison, D. Network address hopping：加強封包通訊資料保護的機制。In Proceedings of the IEEE International Conference on Communications, ICC 2005, Seoul, Republic of Korea, 16-20 May 2005; IEEE: New York, NY, USA, 2005; Volume 3, pp.
94. Zheng, K.; Zhao, X.; Li, X.; Zhou, Y. A SDN-based IP Address Hopping Method Design. In Proceedings of the 2016 5th International Conference on Measurement, Instrumentation and Automation (ICMIA 2016), Shenzhen, China, 17-18 September 2016; Atlantis Press: New York, NY, USA, 2016.
    Zheng, K.; Zhao, X.; Li, X.; Zhou, Y. A SDN-based IP Address Hopping Method Design.In Proceedings of the 2016 5th International Conference on Measurement, Instrumentation and Automation (ICMIA 2016), Shenzhen, China, 17-18 September 2016; Atlantis Press：New York, NY, USA, 2016.
95. De, T.; Wei, L. SDN address hopping scheme based on chaotic sequence. Comput. Digit. Eng. 2018, 46, 2315-2318.
    De, T.; Wei, L. 基於混沌序列的 SDN 位址跳躍方案。Comput.Digit.Eng. 2018, 46, 2315-2318.
96. Chang, S.Y.; Park, Y.; Babu, B.B.A. Fast IP hopping randomization to secure hop-by-hop access in SDN. IEEE Trans. Netw. Serv. Manag. 2018, 16, 308-320. [CrossRef]
    Chang, S.Y.; Park, Y.; Babu, B.B.A. Fast IP hopping randomization to secure hop-by-hop access in SDN.IEEE Trans.Netw.Serv.Manag.2018, 16, 308-320.[CrossRef]
97. Xu, X.; Hu, H.; Liu, Y.; Zhang, H.; Chang, D. An Adaptive IP Hopping Approach for Moving Target Defense Using a Light-Weight CNN Detector. Secur. Commun. Netw. 2021, 2021, 8848473. [CrossRef]
    Xu, X.; Hu, H.; Liu, Y.; Zhang, H.; Chang, D. An Adaptive IP Hopping Approach for Moving Target Defense Using a Light-Weight CNN Detector.Secur.Commun.2021, 2021, 8848473.[CrossRef].
98. Lou, W.; Li, H.; Hu, K.; Liu, M.; Dong, Q. Flow count synchronous SDN address hopping technology based on DH-RSA negotiation. In Proceedings of the 2021 International Conference on Neural Networks, Information and Communication Engineering, Qingdao, China, 27-28 August 2021; SPIE: Bellingham, WA, USA, 2021; Volume 11933, pp. 251-259.
    Lou, W.; Li, H.; Hu, K.; Liu, M.; Dong, Q. 基於 DH-RSA 協商的流量計同步 SDN 地址跳轉技術。In Proceedings of the 2021 International Conference on Neural Networks, Information and Communication Engineering, Qingdao, China, 27-28 August 2021; SPIE: Bellingham, WA, USA, 2021; Volume 11933, pp.
99. Jinglei, T.; Hongqi, Z.; Cheng, L.; Zhang, Y.; Chang, D.; Liu, X.; Zhang, H. Research progress on moving target defense technology for SDN. J. Netw. Inf. Secur. 2018, 4, 12.
    Jinglei, T.; Hongqi, Z.; Cheng, L.; Zhang, Y.; Chang, D.; Liu, X.; Zhang, H. Research progress on moving target defense technology for SDN.J. Netw.Inf.Secur.2018, 4, 12.
100. Shi, L.; Jia, C.; Lü, S.; Liu, Z. Port and address hopping for active cyber-defense. In Proceedings of the Pacific-Asia Workshop on Intelligence and Security Informatics, Chengdu, China, 11-12 April 2007; Springer: Berlin/Heidelberg, Germany, 2007; pp. 295-300.
     Shi, L.; Jia, C.; Lü, S.; Liu, Z. Port and address hopping for active cyber-defense.In Proceedings of the Pacific-Asia Workshop on Intelligence and Security Informatics, Chengdu, China, 11-12 April 2007; Springer: Berlin/Heidelberg, Germany, 2007; pp.
101. Yixun, H.; Kangfeng, Z.; Yixian, Y.; Xinxin, N. Network Layer Moving Target Defense Scheme based on OpenFlow. J. Commun. 2017, 38, 102-112.
     Yixun, H.; Kangfeng, Z.; Yixian, Y.; Xinxin, N. 基於 OpenFlow 的網路層移動目標防禦方案。J. Commun.2017, 38, 102-112.
102. Liu, Z.; He, Y.; Wang, W.; Wang, S.; Li, X.; Zhang, B. AEH-MTD: Adaptive moving target defense scheme for SDN. In Proceedings of the 2019 IEEE International Conference on Smart Internet of Things (SmartIoT), Tianjin, China, 9-11 August 2019; IEEE: New York, NY, USA, 2019; pp. 142-147.
     Liu, Z.; He, Y.; Wang, W.; Wang, S.; Li, X.; Zhang, B. AEH-MTD: Adaptive moving target defense scheme for SDN.In Proceedings of the 2019 IEEE International Conference on Smart Internet of Things (SmartIoT), Tianjin, China, 9-11 August 2019; IEEE: New York, NY, USA, 2019; pp.
103. Yuyang, Z.; Guang, C.; Chunsheng, G.; Mian, D. Moving targets defense attack surface dynamic transfer technology research review. J. Softw. 2018, 29, 2799-2820.
     Yuyang, Z.; Guang, C.; Chunsheng, G.; Mian, D. Moving targets defense attack surface dynamic transfer technology research review.J. Softw.2018, 29, 2799-2820.
104. Lixia, X.; Ying, D. Link SDN flooding attack moving targets defense mechanism. J. Tsinghua Univ. 2019, 59, 36-43. [CrossRef]
     Lixia, X.; Ying, D. Link SDN 泛洪攻擊移動目標防禦機制.J. Tsinghua Univ. 2019, 59, 36-43.[CrossRef].
105. Liu, J.; Zhang, H.; Guo, Z. A defense mechanism of random routing mutation in SDN. IEICE Trans. Inf. Syst. 2017, 100, 1046-1054. [CrossRef]
     SDN 中隨機路由突變的防禦機制。IEICE Trans.Inf.Syst.2017, 100, 1046-1054.[CrossRef].
106. Hyder, M.F.; Fatima, T.; Khan, S.M.; Arshad, S. Countering crossfire DDoS attacks through moving target defense in SDN networks using OpenFlow traffic modification. Trans. Emerg. Telecommun. Technol. 2023, 34, e4853. [CrossRef]
     Hyder，M.F.；Fatima，T.；Khan，S.M.；Arshad，S. 使用 OpenFlow 流量修改透過 SDN 網路中的移動目標防禦來對抗交叉火力 DDoS 攻擊。Trans.Emerg.Telecommun.Technol.2023, 34, e4853.[CrossRef]
107. Chowdhary, A.; Pisharody, S.; Alshamrani, A.; Huang, D. Dynamic game based security framework in SDN-enabled cloud networking environments. In Proceedings of the ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, Scottsdale, AZ, USA, 24 March 2017; pp. 53-58.
     Chowdhary, A.; Pisharody, S.; Alshamrani, A.; Huang, D. 在 SDN 雲端網路環境中基於動態遊戲的安全框架。In Proceedings of the ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, Scottsdale, AZ, USA, 24 March 2017; pp.
108. Zhou, Y.; Cheng, G.; Jiang, S.; Chen, Z. Cost-effective moving target defense against DDoS attacks using trilateral game and multi-objective Markov decision processes. Comput. Secur. 2020, 97, 101976. [CrossRef]
     Zhou, Y.; Cheng, G.; Jiang, S.; Chen, Z. Cost-effective moving target defense against DDoS attacks using trilateral game and multi-objective Markov decision processes.Comput.Secur.2020, 97, 101976.[CrossRef]。
109. Du, M.; Wang, K. An SDN-Enabled Pseudo-Honeypot Strategy for Distributed Denial of Service Attacks in Industrial Internet of Things. IEEE Trans. Ind. Inform. 2020, 16, 648-657. [CrossRef]
     Du, M.; Wang, K. An SDN-Enabled Pseudo-Honeypot Strategy for Distributed Denial of Service Attacks in Industrial Internet of Things.IEEE Trans.Ind.Inform.2020, 16, 648-657.[CrossRef] (英文)
110. Priyadarsini, M.; Bera, P.; Das, S.K.; Rahman, M.A. A security enforcement framework for SDN controller using game theoretic approach. IEEE Trans. Dependable Secur. Comput. 2022, 20, 1500-1515. [CrossRef]
     Priyadarsini, M.; Bera, P.; Das, S.K.; Rahman, M.A. A security enforcement framework for SDN controller using game theoretic approach.IEEE Trans.Dependable Secur.Comput.2022, 20, 1500-1515.[CrossRef] (英文)
111. Wang, Y.; Hu, T.; Tang, G.; Xie, J.; Lu, J. SGS: Safe-Guard Scheme for Protecting Control Plane Against DDoS Attacks in Software-Defined Networking. IEEE Access 2019, 7, 34699-34710. [CrossRef]
     Wang, Y.; Hu, T.; Tang, G.; Xie, J.; Lu, J. SGS：軟體定義網路中控制平面防禦 DDoS 攻擊的 Safe-Guard 方案。IEEE Access 2019, 7, 34699-34710.[CrossRef]
112. Weizhen, H.; Fucai, C.; Jie, N.; Jinglei, T.; Shumin, H.; Guozhen, C. Research progress of Dynamic Jump Technology for Network Layer. J. Netw. Inf. Secur. 2021, 7, 44-55.
     Weizhen, H.; Fucai, C.; Jie, N.; Jinglei, T.; Shumin, H.; Guozhen, C. Research progress of Dynamic Jump Technology for Network Layer.J. Netw.Inf.Secur.2021, 7, 44-55.
113. Bhatia, S.; Mohay, G.; Tickle, A.; Ahmed, E. Parametric differences between a real-world distributed denial-of-service attack and a flash event. In Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security, Vienna, Austria, 22-26 August 2011; IEEE: New York, NY, USA, 2011; pp. 210-217.
     Bhatia, S.; Mohay, G.; Tickle, A.; Ahmed, E. 真實世界分散式拒絕服務攻擊與閃電事件的參數差異。In Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security, Vienna, Austria, 22-26 August 2011; IEEE: New York, NY, USA, 2011; pp.
114. Kai, L.; Junyong, L.; Meijuan, Y.; Yan, L.; Lizheng, G. A review on the Identification of DDoS attacks with Flash Crowd. Comput. Sci. 2015, 42, 313-316+322.
     凱，L.；俊勇，L.；美娟，Y.；彥，L.；立正，G.利用快閃人群識別 DDoS 攻擊的綜述。Comput.Sci. 2015, 42, 313-316+322.
115. Jia, L.; Qi, N.; Chu, F.; Fang, S.; Wang, X.; Ma, S.; Feng, S. Game-theoretic learning anti-jamming approaches in wireless networks. IEEE Commun. Mag. 2022, 60, 60-66. [CrossRef]
     Jia, L.; Qi, N.; Chu, F.; Fang, S.; Wang, X.; Ma, S.; Feng, S. Game-theoretic learning anti-jamming approaches in wireless networks.IEEE Commun.Mag.2022, 60, 60-66.[CrossRef] (英文)
116. ONF. Software-Defined Networking (SDN) Definition. Available online: https://opennetworking.org/sdn-resources/sdndefinition (accessed on 30 June 2022).
     ONF.軟體定義網路 (SDN) 定義。可於線上取得：https://opennetworking.org/sdn-resources/sdndefinition (於 2022 年 6 月 30 日存取)。
117. European Telecommunications Standards Institute. Available online: http:/ /www.etsi.org/ (accessed on 30 June 2022).
     歐洲電信標準協會。網址：http://www.etsi.org/ (於 2022 年 6 月 30 日存取)。
118. Kloti, R.; Kotronis, V.; Smith, P. OpenFlow: A security analysis. In Proceedings of the Twenty first IEEE International Conference on Network Protocols (ICNP), Göttingen, Germany, 7-10 October 2013; pp. 1-6.
     Kloti, R.; Kotronis, V.; Smith, P. OpenFlow: A security analysis.In Proceedings of the Twenty first IEEE International Conference on Network Protocols (ICNP), Göttingen, Germany, 7-10 October 2013; pp.
119. Sjoholmsierchio, M.; Hale, B.; Lukaszewski, D.; Xie, G.G. Strengthening SDN security: Protocol dialecting and downgrade attacks. In Proceedings of the 2021 IEEE 7th International Conference on Network Softwarization (NetSoft), Tokyo, Japan, 28 June-2 July 2021; IEEE: New York, NY, USA, 2021; pp. 321-329.
     Sjoholmsierchio, M.; Hale, B.; Lukaszewski, D.; Xie, G.G. 強化 SDN 安全性：通訊協定方言和降級攻擊。In Proceedings of the 2021 IEEE 7th International Conference on Network Softwarization (NetSoft), Tokyo, Japan, 28 June-2 July 2021; IEEE: New York, NY, USA, 2021; pp.
120. Yang, W.; Guang-ming, T.; Shuo, W.; Jiang, C. DDoS Attack Defense mechanism at SDN Application Layer based on API Call management. J. Netw. Inf. Secur. 2022, 8, 73-87.
     基於 API Call 管理的 SDN 應用層 DDoS 攻擊防禦機制。J. Netw.Inf.Secur.2022, 8, 73-87.