{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T15:51:00Z","timestamp":1774540260339,"version":"3.50.1"},"reference-count":45,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2024,8,5]],"date-time":"2024-08-05T00:00:00Z","timestamp":1722816000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,8,5]],"date-time":"2024-08-05T00:00:00Z","timestamp":1722816000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"DOI":"10.1007\/s11416-024-00534-0","type":"journal-article","created":{"date-parts":[[2024,8,5]],"date-time":"2024-08-05T06:03:12Z","timestamp":1722837792000},"page":"819-839","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["FloodKnight: an intelligent DDoS defense scheme to combat attacks near attack entry points"],"prefix":"10.1007","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0803-6994","authenticated-orcid":false,"given":"Neelam","family":"Dayal","sequence":"first","affiliation":[]},{"given":"Shashank","family":"Srivastava","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,8,5]]},"reference":[{"key":"534_CR1","unstructured":"InfoWorld. 2017: The year of widespread SDN adoption and DDoS attack mitigation (2017). http:\/\/www.infoworld.com\/article\/3156344\/internet\/2017-widespread-sdn-adoption-and-ddos-attack-mitigation.html. Accessed on 12 Feb. 2017"},{"issue":"18","key":"534_CR2","doi-asserted-by":"publisher","first-page":"6386","DOI":"10.1002\/sec.1759","volume":"9","author":"N Dayal","year":"2016","unstructured":"Dayal, N., Maity, P., Srivastava, S., Khondoker, R.: Research trends in security and DDoS in SDN. Secur. Commun. Netw. 9(18), 6386\u20136411 (2016)","journal-title":"Secur. Commun. Netw."},{"key":"534_CR3","doi-asserted-by":"crossref","unstructured":"Dayal, N., Srivastava, S.: Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN. In: 9th International Conference on COmunication Systems and NETworks (COMSNETS-2017), pp. 274\u2013281. IEEE (2017)","DOI":"10.1109\/COMSNETS.2017.7945387"},{"key":"534_CR4","unstructured":"Broomhead, D.S., Lowe, D.: Radial Basis Functions, Multi-variable Functional Interpolation and Adaptive Networks. Tech. Rep. (1988)"},{"key":"534_CR5","doi-asserted-by":"crossref","unstructured":"Kennedy, J., Eberhart, R.: Particle swarm optimization. In: IEEE International Conference on Neural Networks, pp. 1942\u20131948. IEEE (1995)","DOI":"10.1109\/ICNN.1995.488968"},{"key":"534_CR6","unstructured":"Floodlight Documentation (2016). https:\/\/floodlight.atlassian.net\/wiki\/display\/floodlightcontroller\/. Accessed 15 May 2016"},{"key":"534_CR7","unstructured":"SDN Analytics for DDoS Mitigation-Solving Real World Enterprise Problem Today. Alcatel Lucent Enterprise, Tech. Rep. (2013)"},{"key":"534_CR8","unstructured":"Krishnan, R., Durrani, M., Pal, P.: Real-time SDN analytics for DDoS mitigation. Brocade Communications, Tech. Rep. (2014)"},{"key":"534_CR9","unstructured":"Denial-of-service (DoS) secured virtual tenant networks (VTN). Radware and NEC Corporation, Tech. Rep. (2012)"},{"key":"534_CR10","doi-asserted-by":"crossref","unstructured":"Braga, R., Mota, E., Passito, A.: Lightweight DDoS Flooding Attack Detection Using NOX\/OpenFlow. In: 2010 IEEE 35th Conference on Local Computer Networks (LCN). IEEE, pp. 408\u2013415 (2010)","DOI":"10.1109\/LCN.2010.5735752"},{"key":"534_CR11","doi-asserted-by":"crossref","unstructured":"Kokila, R.T., Selvi, S.T., Govindarajan, K.: DDoS detection and analysis in SDN-based environment using support vector machine classifier. In: 2014 Sixth International Conference on Advanced Computing (ICoAC). IEEE, pp. 205\u2013210 (December 2014)","DOI":"10.1109\/ICoAC.2014.7229711"},{"key":"534_CR12","doi-asserted-by":"crossref","unstructured":"Li, X., Yuan, D., Hu, H., Ran, J., Li, S.: DDoS detection in SDN switches using support vector machine classifier. In: 2015 Joint International Mechanical, Electronic and Information Technology Conference (JIMET-15). Atlantis Press (2015)","DOI":"10.2991\/jimet-15.2015.63"},{"key":"534_CR13","doi-asserted-by":"crossref","unstructured":"Hu, D., Hong, P., Chen, Y.: FADM: DDoS flooding attack detection and mitigation system in software-defined networking. In: GLOBECOM 2017\u20132017 IEEE Global Communications Conference, pp. 1\u20137. IEEE (2017)","DOI":"10.1109\/GLOCOM.2017.8254023"},{"key":"534_CR14","doi-asserted-by":"crossref","unstructured":"Phan, T.V., Toan, T.V., Tuyen, D.V., Huong, T.T., Thanh, N.H.: OpenFlowSIA: an optimized protection scheme for software-defined networks from flooding attacks. In: 2016 IEEE Sixth International Conference on Communications and Electronics (ICCE), pp. 13\u201318. IEEE (2016)","DOI":"10.1109\/CCE.2016.7562606"},{"issue":"4","key":"534_CR15","doi-asserted-by":"publisher","first-page":"3559","DOI":"10.1109\/JIOT.2020.2973176","volume":"7","author":"N Ravi","year":"2020","unstructured":"Ravi, N., Shalinie, S.M.: Learning-driven detection and mitigation of DDoS attack in IoT via SDN-cloud architecture. IEEE Internet Things J. 7(4), 3559\u20133570 (2020). https:\/\/doi.org\/10.1109\/JIOT.2020.2973176","journal-title":"IEEE Internet Things J."},{"key":"534_CR16","doi-asserted-by":"crossref","unstructured":"Mihai-Gabriel, I., Victor-Valeriu, P.: Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory. In: 2014 IEEE 15th International Symposium on Computational Intelligence and Informatics (CINTI), pp. 319\u2013324. IEEE (November 2014)","DOI":"10.1109\/CINTI.2014.7028696"},{"key":"534_CR17","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1016\/j.jnca.2016.04.005","volume":"68","author":"Y Cui","year":"2016","unstructured":"Cui, Y., Yan, L., Li, S., Xing, H., Pan, W., Zhu, J., Zheng, X.: SD-Anti-DDoS: fast and efficient DDoS defense in software-defined networks. J. Netw. Comput. Appl. 68, 65\u201379 (2016)","journal-title":"J. Netw. Comput. Appl."},{"key":"534_CR18","doi-asserted-by":"crossref","unstructured":"Niyaz, Q., Sun, W., Javaid, A.Y.: A deep learning based DDoS detection system in software-defined networking (SDN) (2016). arXiv:1611.07400","DOI":"10.4108\/eai.28-12-2017.153515"},{"key":"534_CR19","doi-asserted-by":"publisher","first-page":"763","DOI":"10.1016\/j.future.2019.10.015","volume":"111","author":"RMA Ujjan","year":"2020","unstructured":"Ujjan, R.M.A., Pervez, Z., Dahal, K., Bashir, A.K., Mumtaz, R., Gonzalez, J.: Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN. Future Gener. Comput. Syst. 111, 763\u2013779 (2020)","journal-title":"Future Gener. Comput. Syst."},{"key":"534_CR20","doi-asserted-by":"crossref","unstructured":"Nugraha, B., Murthy, R.N.: Deep learning-based slow DDoS attack detection in SDN-based networks. In: 2020 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN), pp. 51\u201356. IEEE (2020)","DOI":"10.1109\/NFV-SDN50289.2020.9289894"},{"key":"534_CR21","doi-asserted-by":"crossref","unstructured":"Elsayed, M.S., Le-Khac, N.-A., Dev, S., Jurcut, A.D.: DDoSNet: A deep-learning model for detecting network attacks. In: 2020 IEEE 21st International Symposium on\" A World of Wireless, Mobile and Multimedia Networks\"(WoWMoM), pp. 391\u2013396. IEEE (2020)","DOI":"10.1109\/WoWMoM49955.2020.00072"},{"issue":"1","key":"534_CR22","doi-asserted-by":"publisher","first-page":"14","DOI":"10.3390\/technologies9010014","volume":"9","author":"JD Gadze","year":"2021","unstructured":"Gadze, J.D., Bamfo-Asante, A.A., Agyemang, J.O., Nunoo-Mensah, H., Opare, K.A.-B.: An investigation into the application of deep learning in the detection and mitigation of DDOS attack on SDN controllers. Technologies 9(1), 14 (2021)","journal-title":"Technologies"},{"issue":"3","key":"534_CR23","doi-asserted-by":"publisher","first-page":"413","DOI":"10.3390\/electronics9030413","volume":"9","author":"NN Tuan","year":"2020","unstructured":"Tuan, N.N., Hung, P.H., Nghia, N.D., Van Tho, N., Van Phan, T., Thanh, N.H.: A DDoS attack mitigation scheme in ISP networks using machine learning based on SDN. Electronics 9(3), 413 (2020)","journal-title":"Electronics"},{"key":"534_CR24","doi-asserted-by":"crossref","unstructured":"Lee, T.-H., Chang, L.-H., Syu, C.-W.: Deep learning enabled intrusion detection and prevention system over SDN networks. In: 2020 IEEE International Conference on Communications Workshops (ICC Workshops), pp. 1\u20136. IEEE (2020)","DOI":"10.1109\/ICCWorkshops49005.2020.9145085"},{"key":"534_CR25","doi-asserted-by":"crossref","unstructured":"Qin, Y., Wei, J., Yang, W.: Deep learning based anomaly detection scheme in software-defined networking. In: 2019 20th Asia-Pacific Network Operations and Management Symposium (APNOMS), pp. 1\u20134. IEEE (2019)","DOI":"10.23919\/APNOMS.2019.8892873"},{"key":"534_CR26","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2020.114520","volume":"169","author":"AE Cil","year":"2021","unstructured":"Cil, A.E., Yildiz, K., Buldu, A.: Detection of DDoS attacks with feed forward based deep neural network model. Expert Syst. Appl. 169, 114520 (2021)","journal-title":"Expert Syst. Appl."},{"key":"534_CR27","doi-asserted-by":"crossref","unstructured":"Han, B., Yang, X., Sun, Z., Huang, J., Su, J.: OverWatch: a cross-plane DDoS attack defense framework with collaborative intelligence in SDN. Security and Communication Networks (2018)","DOI":"10.1155\/2018\/9649643"},{"key":"534_CR28","doi-asserted-by":"crossref","unstructured":"Sahay, R., Blanc, G., Zhang, Z., Debar, H.: Towards autonomic DDoS mitigation using software defined networking. In: NDSS Workshop on Security of Emerging Networking Technologies (2015)","DOI":"10.14722\/sent.2015.23004"},{"key":"534_CR29","doi-asserted-by":"publisher","first-page":"482","DOI":"10.1016\/j.cose.2017.07.008","volume":"70","author":"R Sahay","year":"2017","unstructured":"Sahay, R., Blanc, G., Zhang, Z., Debar, H.: ArOMA: an SDN based autonomic DDoS mitigation framework. Comput. Secur. 70, 482\u2013499 (2017)","journal-title":"Comput. Secur."},{"key":"534_CR30","unstructured":"Zhang, H., Reich, J., Rexford, J.: Packet traceback for software-defined networks. Technical Report, Princeton University, Princeton (2015)"},{"key":"534_CR31","doi-asserted-by":"crossref","unstructured":"Francois, J., Festor, O.: Anomaly traceback using software defined networking. In: Information Forensics and Security (WIFS), pp. 203\u2013208. IEEE (2014)","DOI":"10.1109\/WIFS.2014.7084328"},{"key":"534_CR32","doi-asserted-by":"crossref","unstructured":"Dayal, N., Srivastava, S.: An RBF-PSO based approach for early detection of DDoS attacks in SDN. In: 10th International Conference on COmunication Systems and NETworks (COMSNETS-2018). IEEE (2018)","DOI":"10.1109\/COMSNETS.2018.8328175"},{"key":"534_CR33","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1016\/j.bjp.2013.10.014","volume":"62","author":"K Giotis","year":"2014","unstructured":"Giotis, K., Argyropoulos, C., Androulidakis, G., Kalogeras, D., Maglaris, V.: Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput. Netw. 62, 122\u2013136 (2014)","journal-title":"Comput. Netw."},{"key":"534_CR34","doi-asserted-by":"crossref","unstructured":"Kalliola, A., Lee, K., Lee, H., Aura, T.: Flooding DDoS mitigation and traffic management with software defined networking. In: 2015 IEEE 4th International Conference on Cloud Networking (CloudNet), pp. 248\u2013254. IEEE (2015)","DOI":"10.1109\/CloudNet.2015.7335317"},{"key":"534_CR35","doi-asserted-by":"crossref","unstructured":"Shtern, M., Sandel, R., Litoiu, M., Bachalo, C., Theodorou, V.: Towards mitigation of low and slow application DDoS attacks. In: IEEE International Conference on Cloud Engineering (IC2E). IEEE, pp. 604\u2013609 (2014)","DOI":"10.1109\/IC2E.2014.38"},{"key":"534_CR36","unstructured":"The Internet Topology Zoo (2012). http:\/\/www.topology-zoo.org\/dataset.html. Accessed 2 Dec 2016"},{"key":"534_CR37","unstructured":"Grobmann, M., Schuberth, S.J.: Auto-Mininet: Assessing the Internet Topology Zoo in a Software-Defined Network Emulator. Otto-Friedrich University, Technical Report (2013)"},{"key":"534_CR38","unstructured":"Mininet: An Instant Virtual Network on your Laptop(or other PC) (2016). http:\/\/mininet.org\/. Accessed 1 Feb 2016"},{"key":"534_CR39","doi-asserted-by":"crossref","unstructured":"Borgnat, P., et al.: Seven years and one day: sketching the evolution of internet traffic. In: INFOCOM 2009. IEEE (2009)","DOI":"10.1109\/INFCOM.2009.5061979"},{"issue":"15","key":"534_CR40","doi-asserted-by":"publisher","first-page":"3531","DOI":"10.1016\/j.comnet.2012.02.019","volume":"56","author":"A Botta","year":"2012","unstructured":"Botta, A., Dainotti, A., Pescape, A.: A tool for the generation of realistic network workload for emerging networking scenarios. Comput. Netw. 56(15), 3531\u20133547 (2012)","journal-title":"Comput. Netw."},{"key":"534_CR41","unstructured":"Scapy v2.1.1-dev documentation (2010). http:\/\/www.secdev.org\/projects\/scapy\/doc\/usage.html. Accessed 15 May 2016"},{"key":"534_CR42","unstructured":"Hyenae (2010). https:\/\/sourceforge.net\/projects\/hyenae. Accessed 15 Feb 2016"},{"key":"534_CR43","unstructured":"hping3(8)-linux man page (2010). https:\/\/linux.die.net\/man\/8\/hping3. Accessed 15 May 2016"},{"key":"534_CR44","unstructured":"sflow-rt (2015). http:\/\/sflow-rt.com\/index.php. Accessed 12 Feb 2016"},{"issue":"3","key":"534_CR45","doi-asserted-by":"publisher","first-page":"412","DOI":"10.1109\/TPDS.2010.97","volume":"22","author":"S Yu","year":"2011","unstructured":"Yu, S., Zhou, W., Doss, R., Jia, W.: Traceback of DDoS attacks using entropy variations. IEEE Trans. Parallel Distrib. Syst. 22(3), 412\u2013425 (2011)","journal-title":"IEEE Trans. Parallel Distrib. Syst."}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-024-00534-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11416-024-00534-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-024-00534-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,15]],"date-time":"2024-10-15T15:14:29Z","timestamp":1729005269000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11416-024-00534-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,8,5]]},"references-count":45,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2024,11]]}},"alternative-id":["534"],"URL":"https:\/\/doi.org\/10.1007\/s11416-024-00534-0","relation":{},"ISSN":["2263-8733"],"issn-type":[{"value":"2263-8733","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,8,5]]},"assertion":[{"value":"13 December 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"18 July 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 August 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"Authors declare no Conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}