{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T15:53:33Z","timestamp":1772726013928,"version":"3.50.1"},"reference-count":49,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2018,12,1]],"date-time":"2018-12-01T00:00:00Z","timestamp":1543622400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Computer Networks"],"published-print":{"date-parts":[[2018,12]]},"DOI":"10.1016\/j.comnet.2018.09.021","type":"journal-article","created":{"date-parts":[[2018,9,26]],"date-time":"2018-09-26T22:00:33Z","timestamp":1537999233000},"page":"1-13","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":44,"special_numbering":"C","title":["Woodpecker: Detecting and mitigating link-flooding attacks via SDN"],"prefix":"10.1016","volume":"147","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7127-1081","authenticated-orcid":false,"given":"Lei","family":"Wang","sequence":"first","affiliation":[]},{"given":"Qing","family":"Li","sequence":"additional","affiliation":[]},{"given":"Yong","family":"Jiang","sequence":"additional","affiliation":[]},{"given":"Xuya","family":"Jia","sequence":"additional","affiliation":[]},{"given":"Jianping","family":"Wu","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.comnet.2018.09.021_bib0001","series-title":"Proceedings of IEEE Security&Privacy, Oakland, USA","article-title":"Analysis of a denial of service attack on tcp","author":"Schuba","year":"1997"},{"key":"10.1016\/j.comnet.2018.09.021_bib0002","series-title":"Proceedings of USENIX Security, SAN DIEGO, USA","article-title":"Exit from hell? Reducing the impact of amplification ddos attacks","author":"K\u00fchrer","year":"2014"},{"key":"10.1016\/j.comnet.2018.09.021_bib0003","series-title":"Proceedings of USENIX NDSS, San Diego, USA","article-title":"Implementing pushback: router-based defense against ddos attacks","author":"Ioannidis","year":"2002"},{"key":"10.1016\/j.comnet.2018.09.021_bib0004","doi-asserted-by":"crossref","unstructured":"F. Baker, P. Savola, Ingress filtering for multihomed networks, 2004, (IETF RFC).","DOI":"10.17487\/rfc3704"},{"key":"10.1016\/j.comnet.2018.09.021_bib0005","series-title":"Proceedings of IEEE INFOCOM, Hong Kong, China","article-title":"Packetscore: statistics-based overload control against distributed denial-of-service attacks","author":"Kim","year":"2004"},{"key":"10.1016\/j.comnet.2018.09.021_bib0006","series-title":"Proceedings of IEEE Security&Privacy, Oakland, USA","article-title":"The crossfire attack","author":"Kang","year":"2013"},{"key":"10.1016\/j.comnet.2018.09.021_bib0007","series-title":"Proceedings of Springer-Verlag ESORICS, Berlin, Heidelberg","article-title":"The coremelt attack","author":"Ahren Studer","year":"2009"},{"key":"10.1016\/j.comnet.2018.09.021_bib0008","unstructured":"D. GOODIN, How extorted e-mail provider got back online after crippling ddos attack, 2015, (Technica, Ars)."},{"key":"10.1016\/j.comnet.2018.09.021_bib0009","unstructured":"P. Bright, Can a ddos break the internet? Sure just not all of it, 2013, (Technica, Ars)."},{"key":"10.1016\/j.comnet.2018.09.021_bib0010","series-title":"Proceedings of ACM SIGMETRICS, San Diego, USA","article-title":"Characterizing and measuring path diversity of internet topologies","author":"Teixeira","year":"2003"},{"key":"10.1016\/j.comnet.2018.09.021_bib0011","series-title":"Proceedings of IEEE ISCC, Messina, Italy","article-title":"Towards mitigating link flooding attack via incremental sdn deployment","author":"Wang","year":"2016"},{"key":"10.1016\/j.comnet.2018.09.021_bib0012","series-title":"Proceedings of the 2014 ACM SIGSAC CCS, Scottsdale, USA","article-title":"Routing bottlenecks in the internet: causes, exploits, and countermeasures","author":"Kang","year":"2014"},{"key":"10.1016\/j.comnet.2018.09.021_bib0013","series-title":"Proceedings of USENIX LISA, Seattle, USA","article-title":"Towards detecting target link flooding attack","author":"Xue","year":"2014"},{"key":"10.1016\/j.comnet.2018.09.021_bib0014","series-title":"Proceedings of ACM CoNext, Santa Barbara, USA","article-title":"Codef: collaborative defense against large-scale link-flooding attacks","author":"Lee","year":"2013"},{"key":"10.1016\/j.comnet.2018.09.021_bib0015","series-title":"Cross-domain DoS link-flooding attack detection and mitigation using SDN principles","author":"Dimitrios","year":"2014"},{"key":"10.1016\/j.comnet.2018.09.021_bib0016","series-title":"Proceedings of USENIX NDSS, San Diego, USA","article-title":"Spiffy: Inducing cost-detectability tradeoffs for persistent link-flooding attacks","author":"Kang","year":"2016"},{"key":"10.1016\/j.comnet.2018.09.021_bib0017","series-title":"Proceedings of IEEE\/IFIP DSN Workshop, Denver,CO,USA","article-title":"Software-defined honeynet: towards mitigating link flooding attacks","author":"Kim","year":"2017"},{"issue":"1","key":"10.1016\/j.comnet.2018.09.021_sbref0015","article-title":"Detecting and mitigating target link-flooding attacks using sdn","author":"Wang","year":"2018","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"1","key":"10.1016\/j.comnet.2018.09.021_bib0019","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1109\/COMST.2014.2330903","article-title":"A survey on software-defined networking","volume":"17","author":"Xia","year":"2015","journal-title":"IEEE Commun. Surv. Tut."},{"key":"10.1016\/j.comnet.2018.09.021_bib0020","series-title":"Proceedings of ACM SIGCOMM, Philadelphia, USA","article-title":"A clean slate 4d approach to network control and management","author":"Greenberg","year":"2005"},{"key":"10.1016\/j.comnet.2018.09.021_bib0021","series-title":"Proceedings of ACM SIGCOMM, Kyoto, Japan","article-title":"Ethane: taking control of the enterprise","author":"Casado","year":"2007"},{"issue":"2","key":"10.1016\/j.comnet.2018.09.021_bib0022","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1145\/1355734.1355746","article-title":"Openflow: enabling innovation in campus networks","volume":"38","author":"McKeown","year":"2008","journal-title":"ACM SIGCOMM Comput. Comm. Rev."},{"key":"10.1016\/j.comnet.2018.09.021_bib0023","series-title":"Proceedings of ACM SIGCOMM FDNA, Portland, USA","article-title":"The case for separating routing from routers","author":"Feamster","year":"2004"},{"key":"10.1016\/j.comnet.2018.09.021_bib0024","article-title":"Version 1.0. 0 (wire protocol 0x01)","volume":"1","author":"Specification","year":"2009","journal-title":"Open Network. Found."},{"key":"10.1016\/j.comnet.2018.09.021_bib0025","article-title":"Version 1.3. 0 (wire protocol 0x04)[electronic resource]","volume":"1","author":"Specification","year":"2012","journal-title":"Open Network. Found."},{"key":"10.1016\/j.comnet.2018.09.021_bib0026","article-title":"Version 1.5. 1 (wire protocol 0x04)[electronic resource]","volume":"1","author":"Specification","year":"2015","journal-title":"Open Network. Found."},{"key":"10.1016\/j.comnet.2018.09.021_bib0027","series-title":"Proceedings of IEEE\/ACM IWQoS, Beijing, China","article-title":"Dynamic flow scheduling for power-efficient data center networks","author":"Guo","year":"2016"},{"key":"10.1016\/j.comnet.2018.09.021_bib0028","series-title":"Proceeding of ACM SIGCOMM HotSDN, Chicago, USA","article-title":"Flow-based load balancing in multipathed layer-2 networks using OpenFlow and multipath-TCP","author":"Bredel","year":"2014"},{"key":"10.1016\/j.comnet.2018.09.021_bib0029","doi-asserted-by":"crossref","first-page":"253","DOI":"10.1016\/j.jnca.2016.10.021","article-title":"Quokka: latency-aware middlebox scheduling with dynamic resource allocation","volume":"78","author":"Li","year":"2017","journal-title":"J. Netw. Comput. Appl."},{"key":"10.1016\/j.comnet.2018.09.021_bib0030","series-title":"Proceedings of IEEE LCN, Colorado, USA","article-title":"Lightweight ddos flooding attack detection using nox\/openflow","author":"Braga","year":"2010"},{"key":"10.1016\/j.comnet.2018.09.021_bib0031","series-title":"Proceedings of Usenix Security, Washington, D.C., USA","article-title":"Bohatei: Flexible and elastic ddos defense.","author":"Fayaz","year":"2015"},{"issue":"1","key":"10.1016\/j.comnet.2018.09.021_bib0032","doi-asserted-by":"crossref","first-page":"e1996","DOI":"10.1002\/nem.1996","article-title":"A holistic approach to mitigating dos attacks in sdn networks","volume":"28","author":"Dridi","year":"2018","journal-title":"Int. J. Network Manage."},{"key":"10.1016\/j.comnet.2018.09.021_bib0033","series-title":"Proceedings of IEEE TENCON, Penang, Malaysia","article-title":"Applying nfv\/sdn in mitigating ddos attacks","author":"Zhou","year":"2017"},{"key":"10.1016\/j.comnet.2018.09.021_bib0034","series-title":"Proceedings of USENIX ATC, Philadelphia, USA","article-title":"Panopticon: Reaping the benefits of incremental sdn deployment in enterprise networks","author":"Levin","year":"2014"},{"key":"10.1016\/j.comnet.2018.09.021_bib0035","series-title":"Proceedings of ACM SIGCOMM, Hong Kong, China","article-title":"B4: experience with a globally-deployed software defined wan","author":"Jain","year":"2013"},{"key":"10.1016\/j.comnet.2018.09.021_bib0036","series-title":"Proceedings of ACM SIGCOMM, Hong Kong, China","article-title":"Achieving high utilization with software-driven wan","author":"Hong","year":"2013"},{"key":"10.1016\/j.comnet.2018.09.021_bib0037","series-title":"Proceedings IEEE INFOCOM, San Francisco, USA","article-title":"Traffic engineering in software defined networks","author":"Agarwal","year":"2013"},{"key":"10.1016\/j.comnet.2018.09.021_bib0038","series-title":"Technical Report","article-title":"Divide and Conquer: Partitioning OSPF networks with SDN","author":"Caria","year":"2014"},{"key":"10.1016\/j.comnet.2018.09.021_bib0039","doi-asserted-by":"crossref","first-page":"187","DOI":"10.1016\/j.comnet.2017.07.008","article-title":"Traffic engineering in hybrid sdn networks with multiple traffic matrices","volume":"126","author":"Guo","year":"2017","journal-title":"Comput. Netw."},{"key":"10.1016\/j.comnet.2018.09.021_bib0040","article-title":"Real-time sdn analytics for ddos mitigation","author":"Krishnan","year":"2014","journal-title":"Open Network. Summit"},{"key":"10.1016\/j.comnet.2018.09.021_bib0041","series-title":"Proceedings of USENIX Security, San Francisco, CA","article-title":"Measuring pay-per-install: the commoditization of malware distribution","author":"Caballero","year":"2011"},{"key":"10.1016\/j.comnet.2018.09.021_bib0042","series-title":"Proceedings of ACM SIGCOMM, Stockholm, Sweden","article-title":"Routing stability in congested networks: experimentation and analysis","author":"Shaikh","year":"2000"},{"key":"10.1016\/j.comnet.2018.09.021_bib0043","series-title":"Introduction to Algorithms","author":"Cormen","year":"2009"},{"key":"10.1016\/j.comnet.2018.09.021_bib0044","series-title":"Combinatorial Optimization: Algorithms and Complexity","author":"Papadimitriou","year":"1998"},{"key":"10.1016\/j.comnet.2018.09.021_bib0045","doi-asserted-by":"crossref","unstructured":"B. Korte, J. Vygen, Combinatorial optimization: theory and algorithms, algorithms and combinatorics 2 (2000), 2006.","DOI":"10.1007\/978-3-662-21708-5"},{"issue":"1","key":"10.1016\/j.comnet.2018.09.021_bib0046","doi-asserted-by":"crossref","first-page":"269","DOI":"10.1007\/BF01386390","article-title":"A note on two problems in connexion with graphs","volume":"1","author":"Dijkstra","year":"1959","journal-title":"Numerische Mathematik"},{"key":"10.1016\/j.comnet.2018.09.021_bib0047","series-title":"Proceedings of IEEE INFOCOM, Orlando, USA","article-title":"A practical algorithm for balancing the max-min fairness and throughput objectives in traffic engineering","author":"Danna","year":"2012"},{"key":"10.1016\/j.comnet.2018.09.021_bib0048","series-title":"Proceedings of ACM CoNEXT, Nice, France","first-page":"253","article-title":"Reproducible network experiments using container-based emulation","author":"Handigol","year":"2012"},{"issue":"3","key":"10.1016\/j.comnet.2018.09.021_bib0049","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1145\/1384609.1384625","article-title":"Nox: towards an operating system for networks","volume":"38","author":"Gude","year":"2008","journal-title":"ACM SIGCOMM Comput. Commun. Rev."}],"container-title":["Computer Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1389128618309721?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1389128618309721?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2019,10,24]],"date-time":"2019-10-24T19:28:34Z","timestamp":1571945314000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S1389128618309721"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,12]]},"references-count":49,"alternative-id":["S1389128618309721"],"URL":"https:\/\/doi.org\/10.1016\/j.comnet.2018.09.021","relation":{},"ISSN":["1389-1286"],"issn-type":[{"value":"1389-1286","type":"print"}],"subject":[],"published":{"date-parts":[[2018,12]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Woodpecker: Detecting and mitigating link-flooding attacks via SDN","name":"articletitle","label":"Article Title"},{"value":"Computer Networks","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.comnet.2018.09.021","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2018 Elsevier B.V. All rights reserved.","name":"copyright","label":"Copyright"}]}}