CBF : A packet filtering method for DDoS attack defense in cloud environment

Chen, Qi, Lin, Wenmin, Dou, Wanchun and Yu, Shui 2011, CBF : A packet filtering method for DDoS attack defense in cloud environment, in DASC 2011 : Proceedings of the 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing, IEEE Computer Society Conference Publishing Services (CPS), [Piscataway, N.J.], pp. 427-434.

Attached Files
Name Description MIMEType Size Downloads

Title CBF : A packet filtering method for DDoS attack defense in cloud environment
Author(s) Chen, Qi
Lin, Wenmin
Dou, Wanchun
Yu, Shui
Conference name IEEE International Conference on Dependable, Autonomic and Secure Computing (9th : 2011 : Sydney, N.S.W.)
Conference location Sydney, N.S.W.
Conference dates 12-14 Dec. 2011
Title of proceedings DASC 2011 : Proceedings of the 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing
Editor(s) [Unknown],
Publication date 2011
Conference series International Conference on Dependable, Autonomic and Secure Computing
Start page 427
End page 434
Total pages 8
Publisher IEEE Computer Society Conference Publishing Services (CPS)
Place of publication [Piscataway, N.J.]
Keyword(s) distributed denial-of-service attack
filtering
confidence
correlation pattern
network security
cloud environment
Summary Distributed Denial-of-Service attack (DDoS) is a major threat for cloud environment. Traditional defending approaches cannot be easily applied in cloud security due to their relatively low efficiency, large storage, to name a few. In view of this challenge, a Confidence-Based Filtering method, named CBF, is investigated for cloud computing environment, in this paper. Concretely speaking, the method is deployed by two periods, i.e., non-attack period and attack period. More specially, legitimate packets are collected at non-attack period, for extracting attribute pairs to generate a nominal profile. With the nominal profile, the CBF method is promoted by calculating the score of a particular packet at attack period, to determine whether to discard it or not. At last, extensive simulations are conducted to evaluate the feasibility of the CBF method. The result shows that CBF has a high scoring speed, a small storage requirement and an acceptable filtering accuracy, making it suitable for real-time filtering in cloud environment.
ISBN 9780769546124
9781467300063
Language eng
Field of Research 080503 Networking and Communications
Socio Economic Objective 890201 Application Software Packages (excl. Computer Games)
HERDC Research category E1 Full written paper - refereed
HERDC collection year 2011
Copyright notice ©2011, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30045058

Document type: Conference Paper
Collection: School of Information Technology
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Access Statistics: 88 Abstract Views, 8 File Downloads  -  Detailed Statistics
Created: Wed, 09 May 2012, 14:28:14 EST by Barb Robertson

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.