{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,12]],"date-time":"2026-05-12T16:21:03Z","timestamp":1778602863236,"version":"3.51.4"},"reference-count":39,"publisher":"Wiley","license":[{"start":{"date-parts":[[2021,1,29]],"date-time":"2021-01-29T00:00:00Z","timestamp":1611878400000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61379149"],"award-info":[{"award-number":["61379149"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61772271"],"award-info":[{"award-number":["61772271"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2017M610286"],"award-info":[{"award-number":["2017M610286"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002858","name":"China Postdoctoral Science Foundation","doi-asserted-by":"publisher","award":["61379149"],"award-info":[{"award-number":["61379149"]}],"id":[{"id":"10.13039\/501100002858","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002858","name":"China Postdoctoral Science Foundation","doi-asserted-by":"publisher","award":["61772271"],"award-info":[{"award-number":["61772271"]}],"id":[{"id":"10.13039\/501100002858","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002858","name":"China Postdoctoral Science Foundation","doi-asserted-by":"publisher","award":["2017M610286"],"award-info":[{"award-number":["2017M610286"]}],"id":[{"id":"10.13039\/501100002858","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2021,1,29]]},"abstract":"<jats:p>In order to achieve requirements such as fast search of flow entries and mask matching, OpenFlow hardware switches usually use TCAM to store flow entries. Limited by the capacity of TCAM, the current commercial OpenFlow switches can only support hundreds of thousands of flow entries, which makes SDN network using OpenFlow hardware switches vulnerable to the threat of flow table overflow attack. Among them, low-rate DoS (LDoS) attack against table overflow poses a serious threat to SDN networks due to its high attack efficiency and concealed flow, and it is also difficult to detect. In this regard, this paper analyzed two types of LDoS attack flow against table overflow and proposed an attack detection and defense mechanism named SAIA (Small-flow Analysis and Inport-flow Analysis) through the design of table overflow prediction and flow entries deletion strategy. Experiments conducted through the SDN network environment showed that SAIA can effectively detect and suppress LDoS attack flows in the flow table in large-scale network conditions and verified that the deployment of SAIA is lightweight. At the same time, SAIA implemented the flow entry deletion strategy based on LRU when the flow table overflows in a nonattack situation, which further enhances the stability of the network.<\/jats:p>","DOI":"10.1155\/2021\/6667922","type":"journal-article","created":{"date-parts":[[2021,1,29]],"date-time":"2021-01-29T19:20:06Z","timestamp":1611948006000},"page":"1-16","source":"Crossref","is-referenced-by-count":18,"title":["A Table Overflow LDoS Attack Defending Mechanism in Software-Defined Networks"],"prefix":"10.1155","volume":"2021","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4609-4949","authenticated-orcid":true,"given":"Shengxu","family":"Xie","sequence":"first","affiliation":[{"name":"Command & Control Engineering College, Army Engineering University of PLA, Nanjing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0132-7040","authenticated-orcid":true,"given":"Changyou","family":"Xing","sequence":"additional","affiliation":[{"name":"Command & Control Engineering College, Army Engineering University of PLA, Nanjing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7967-7596","authenticated-orcid":true,"given":"Guomin","family":"Zhang","sequence":"additional","affiliation":[{"name":"Command & Control Engineering College, Army Engineering University of PLA, Nanjing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4594-0461","authenticated-orcid":true,"given":"Jinlong","family":"Zhao","sequence":"additional","affiliation":[{"name":"Command & Control Engineering College, Army Engineering University of PLA, Nanjing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"311","reference":[{"key":"1","doi-asserted-by":"publisher","DOI":"10.1109\/tnet.2017.2748159"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1109\/comst.2017.2689819"},{"key":"3","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1142"},{"key":"4","doi-asserted-by":"publisher","DOI":"10.1109\/mcom.2017.1600970"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/4760632"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1109\/tnsm.2017.2758796"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1109\/jproc.2014.2371999"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.1109\/ISCAIE47305.2020.9108803"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1109\/tsc.2016.2602861"},{"key":"10","first-page":"141","article-title":"A priority-aware strategy against the flow table overflow attack in SDN","author":"M. Zhang"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1109\/CCWC.2018.8301654"},{"key":"12","article-title":"An inference attack model for flow table capacity and usage: exploiting the vulnerability of flow table overflow in software-defined network","author":"J. Leng","year":"2015"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-78813-5_18"},{"key":"14","author":"NOF","year":"2020"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1016\/j.dcan.2020.04.002"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2019.01.031"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.1145\/863955.863966"},{"key":"18","first-page":"954","article-title":"Detectability of low-rate HTTP server DoS attacks using spectral analysis","author":"J. B. R. Sharma"},{"key":"19","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2008.07.004"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2010.05.002"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1109\/lcomm.2017.2766636"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-01704-0_6"},{"key":"23","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2018.07.017"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1002\/dac.4061"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1109\/tnsm.2018.2890754"},{"key":"26","first-page":"484","article-title":"Flowmaster: early eviction of dead flow on sdn switches","author":"K. Kannan"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1109\/ICSCCC.2018.8703307"},{"key":"28","first-page":"591","article-title":"Taming the flow table overflow in openflow switch","author":"S. Qiao"},{"key":"29","first-page":"127","article-title":"Optimizing rules placement in OpenFlow networks: trading routing for better efficiency","author":"X. N. Nguyen"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2017.04.046"},{"key":"31","doi-asserted-by":"publisher","DOI":"10.3390\/s19102341"},{"key":"32","doi-asserted-by":"publisher","DOI":"10.1109\/icc.2015.7249166"},{"key":"33","doi-asserted-by":"publisher","DOI":"10.1109\/icccn.2014.6911781"},{"key":"34","doi-asserted-by":"publisher","DOI":"10.1109\/icccn.2018.8487362"},{"key":"35","doi-asserted-by":"publisher","DOI":"10.1109\/comst.2015.2506984"},{"key":"36","doi-asserted-by":"publisher","DOI":"10.1109\/icccnt.2018.8493926"},{"key":"37","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-15-7530-3_7"},{"key":"38"},{"key":"39","volume-title":"Openflow Timeouts Demystified","author":"A. Zarek","year":"2012"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/6667922.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/6667922.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/6667922.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,1,29]],"date-time":"2021-01-29T19:20:09Z","timestamp":1611948009000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2021\/6667922\/"}},"subtitle":[],"editor":[{"given":"Petros","family":"Nicopolitidis","sequence":"additional","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2021,1,29]]},"references-count":39,"alternative-id":["6667922","6667922"],"URL":"https:\/\/doi.org\/10.1155\/2021\/6667922","relation":{},"ISSN":["1939-0122","1939-0114"],"issn-type":[{"value":"1939-0122","type":"electronic"},{"value":"1939-0114","type":"print"}],"subject":[],"published":{"date-parts":[[2021,1,29]]}}}