<p>Distributed denial-of-service (DDoS) attacks pose a significant threat to software-defined networking with the Internet of Things (SDN-IoT) at present. Although SDN improves network agility and control, the restricted resources of IoT devices also expose new security flaws. This review provides a comprehensive analysis of DDoS attack types, taxonomies, and defense mechanisms in IoT and SDN-IoT networks. The study employs the PRISMA approach to analyze research papers published between 2020 and 2025 that focus on prevention, detection, and mitigation techniques. Unlike prior surveys that are mainly concerned with detection methods, this survey presents an in-depth and unified cross-layer comparison of prevention, detection, and mitigation techniques across the layers of IoT and SDN-IoT networks. Benchmark datasets and evaluation metrics are also compared to identify reproducibility and data imbalance issues. The review further provides a discussion on architectural elements influencing resilience, such as centralized and distributed controller architectures and controller placement in SDN-IoT systems. It also acknowledges the fact that full protection from DDoS attacks is unattainable and highlights resilience, risk mitigation, and response adaptability. Finally, key research gaps and future directions are identified to guide the development of scalable, intelligent, and collaborative DDoS defense frameworks for next-generation SDN-IoT systems.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A comprehensive review of DDoS attack prevention, detection, and mitigation in IoT and SDN-IoT networks

  • Sujit Sutradhar,
  • Keya Chowdhury,
  • Subhrajyoti Deb,
  • Joy Lal Sarkar,
  • Chandan Kumar,
  • Aditya Kumar Sahu

摘要

Distributed denial-of-service (DDoS) attacks pose a significant threat to software-defined networking with the Internet of Things (SDN-IoT) at present. Although SDN improves network agility and control, the restricted resources of IoT devices also expose new security flaws. This review provides a comprehensive analysis of DDoS attack types, taxonomies, and defense mechanisms in IoT and SDN-IoT networks. The study employs the PRISMA approach to analyze research papers published between 2020 and 2025 that focus on prevention, detection, and mitigation techniques. Unlike prior surveys that are mainly concerned with detection methods, this survey presents an in-depth and unified cross-layer comparison of prevention, detection, and mitigation techniques across the layers of IoT and SDN-IoT networks. Benchmark datasets and evaluation metrics are also compared to identify reproducibility and data imbalance issues. The review further provides a discussion on architectural elements influencing resilience, such as centralized and distributed controller architectures and controller placement in SDN-IoT systems. It also acknowledges the fact that full protection from DDoS attacks is unattainable and highlights resilience, risk mitigation, and response adaptability. Finally, key research gaps and future directions are identified to guide the development of scalable, intelligent, and collaborative DDoS defense frameworks for next-generation SDN-IoT systems.