Can we beat DDoS attacks in clouds?

Yu, Shui, Tian, Yonghong, Guo, Song and Wu, Dapeng Oliver 2014, Can we beat DDoS attacks in clouds?, IEEE transactions on parallel and distributed systems, vol. 25, no. 9, pp. 2245-2254, doi: 10.1109/TPDS.2013.181.

Attached Files
Name Description MIMEType Size Downloads

Title Can we beat DDoS attacks in clouds?
Author(s) Yu, ShuiORCID iD for Yu, Shui orcid.org/0000-0003-4485-6743
Tian, Yonghong
Guo, Song
Wu, Dapeng Oliver
Journal name IEEE transactions on parallel and distributed systems
Volume number 25
Issue number 9
Start page 2245
End page 2254
Total pages 10
Publisher IEEE
Place of publication Piscataway, N.J.
Publication date 2014-08-07
ISSN 1045-9219
Keyword(s) Cloud computing
DDoS attacks
mitigation
resource investment
system modelling
Science & Technology
Technology
Computer Science, Theory & Methods
Engineering, Electrical & Electronic
Computer Science
Engineering
NETWORK
Summary Cloud is becoming a dominant computing platform. Naturally, a question that arises is whether we can beat notorious DDoS attacks in a cloud environment. Researchers have demonstrated that the essential issue of DDoS attack and defense is resource competition between defenders and attackers. A cloud usually possesses profound resources and has full control and dynamic allocation capability of its resources. Therefore, cloud offers us the potential to overcome DDoS attacks. However, individual cloud hosted servers are still vulnerable to DDoS attacks if they still run in the traditional way. In this paper, we propose a dynamic resource allocation strategy to counter DDoS attacks against individual cloud customers. When a DDoS attack occurs, we employ the idle resources of the cloud to clone sufficient intrusion prevention servers for the victim in order to quickly filter out attack packets and guarantee the quality of the service for benign users simultaneously. We establish a mathematical model to approximate the needs of our resource investment based on queueing theory. Through careful system analysis and real-world data set experiments, we conclude that we can defeat DDoS attacks in a cloud environment. © 2013 IEEE.
Language eng
DOI 10.1109/TPDS.2013.181
Field of Research 080503 Networking and Communications
Socio Economic Objective 890101 Fixed Line Data Networks and Services
HERDC Research category C1 Refereed article in a scholarly journal
ERA Research output type C Journal article
Copyright notice ©2014, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30072504

Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 66 times in TR Web of Science
Scopus Citation Count Cited 98 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 327 Abstract Views, 6 File Downloads  -  Detailed Statistics
Created: Wed, 22 Apr 2015, 16:03:53 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.