{"title":"云环境下分布式拒绝服务攻击防范仿真研究","authors":"Wael Alosaimi, M. Alshamrani, K. Al-Begain","doi":"10.1109/NGMAST.2015.50","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) attacks can affect the availability of the networks. In the age of cloud computing, these attacks are being more harmful in terms of their common influences and their new effects that harm the cloud sustainability by exploiting its scalability and payment model (pay-as-you-use). Therefore, a new form of DDoS attacks is introduced in the cloud context as an economical version of such attack. This new form is known as Economical Denial of Sustainability (EDoS) attack. To counteract such attacks, traditional network security means are used. Specifically, the firewalls that are working as filters for the incoming packets to the targeted network according to designated rules by the administrators can mitigate the impacts of DDoS and EDoS attacks. In this paper, a new solution called Enhanced DDoS-Mitigation System (Enhanced DDoS-MS) is proposed to encounter these attacks by utilizing the firewall capabilities in controlling a verification process to protect the targeted system. These capabilities are evaluated in a simulation environment. The results proved that the firewall mitigates the DDoS impacts successfully by improving the provided services to the users in terms of the response time and server load under attack. The study also suggests following implementation for the proposed framework with an active testbed.","PeriodicalId":217588,"journal":{"name":"2015 9th International Conference on Next Generation Mobile Applications, Services and Technologies","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"Simulation-Based Study of Distributed Denial of Service Attacks Prevention in the Cloud\",\"authors\":\"Wael Alosaimi, M. Alshamrani, K. Al-Begain\",\"doi\":\"10.1109/NGMAST.2015.50\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed Denial of Service (DDoS) attacks can affect the availability of the networks. In the age of cloud computing, these attacks are being more harmful in terms of their common influences and their new effects that harm the cloud sustainability by exploiting its scalability and payment model (pay-as-you-use). Therefore, a new form of DDoS attacks is introduced in the cloud context as an economical version of such attack. This new form is known as Economical Denial of Sustainability (EDoS) attack. To counteract such attacks, traditional network security means are used. Specifically, the firewalls that are working as filters for the incoming packets to the targeted network according to designated rules by the administrators can mitigate the impacts of DDoS and EDoS attacks. In this paper, a new solution called Enhanced DDoS-Mitigation System (Enhanced DDoS-MS) is proposed to encounter these attacks by utilizing the firewall capabilities in controlling a verification process to protect the targeted system. These capabilities are evaluated in a simulation environment. The results proved that the firewall mitigates the DDoS impacts successfully by improving the provided services to the users in terms of the response time and server load under attack. The study also suggests following implementation for the proposed framework with an active testbed.\",\"PeriodicalId\":217588,\"journal\":{\"name\":\"2015 9th International Conference on Next Generation Mobile Applications, Services and Technologies\",\"volume\":\"24 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 9th International Conference on Next Generation Mobile Applications, Services and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NGMAST.2015.50\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 9th International Conference on Next Generation Mobile Applications, Services and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NGMAST.2015.50","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Simulation-Based Study of Distributed Denial of Service Attacks Prevention in the Cloud
Distributed Denial of Service (DDoS) attacks can affect the availability of the networks. In the age of cloud computing, these attacks are being more harmful in terms of their common influences and their new effects that harm the cloud sustainability by exploiting its scalability and payment model (pay-as-you-use). Therefore, a new form of DDoS attacks is introduced in the cloud context as an economical version of such attack. This new form is known as Economical Denial of Sustainability (EDoS) attack. To counteract such attacks, traditional network security means are used. Specifically, the firewalls that are working as filters for the incoming packets to the targeted network according to designated rules by the administrators can mitigate the impacts of DDoS and EDoS attacks. In this paper, a new solution called Enhanced DDoS-Mitigation System (Enhanced DDoS-MS) is proposed to encounter these attacks by utilizing the firewall capabilities in controlling a verification process to protect the targeted system. These capabilities are evaluated in a simulation environment. The results proved that the firewall mitigates the DDoS impacts successfully by improving the provided services to the users in terms of the response time and server load under attack. The study also suggests following implementation for the proposed framework with an active testbed.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
