J. H. Corrêa, Epaminondas A. Sousa Junior, I. Fonseca, Vivek Nigam, M. Ribeiro, R. Villaça
{"title":"Selectivity and Autoscaling as Complementary Defenses for DDoS Protection to Cloud Services","authors":"J. H. Corrêa, Epaminondas A. Sousa Junior, I. Fonseca, Vivek Nigam, M. Ribeiro, R. Villaça","doi":"10.1109/CloudNet47604.2019.9064139","DOIUrl":null,"url":null,"abstract":"Distributed Denial-of-Service (DDoS) is becoming an even more complex problem with the migration of these services and applications to shared and centralized cloud infrastructures. Application layer Denial-of-Service attacks (ADDoS) is an special type of DDoS attacks, and the main problem in mitigating these attacks is because attacker requests are similar to legitimate clients. This paper proposes to use the scalability feature of cloud infrastructure as a defense from high-rate DDoS attacks, and selectivity defense to mitigate low-rate ADDoS attacks. Experiments are conducted in an OpenStack cloud environment to show that the combined use of selectivity and autoscaling can be used as a defense against low- and high-rate DDoS attacks.","PeriodicalId":340890,"journal":{"name":"2019 IEEE 8th International Conference on Cloud Networking (CloudNet)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 8th International Conference on Cloud Networking (CloudNet)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CloudNet47604.2019.9064139","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Distributed Denial-of-Service (DDoS) is becoming an even more complex problem with the migration of these services and applications to shared and centralized cloud infrastructures. Application layer Denial-of-Service attacks (ADDoS) is an special type of DDoS attacks, and the main problem in mitigating these attacks is because attacker requests are similar to legitimate clients. This paper proposes to use the scalability feature of cloud infrastructure as a defense from high-rate DDoS attacks, and selectivity defense to mitigate low-rate ADDoS attacks. Experiments are conducted in an OpenStack cloud environment to show that the combined use of selectivity and autoscaling can be used as a defense against low- and high-rate DDoS attacks.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
