期刊名称:International Journal of Innovative Research in Computer and Communication Engineering
印刷版ISSN:2320-9798
电子版ISSN:2320-9801
出版年度:2015
卷号:3
期号:3
DOI:10.15680/ijircce.2015.0303095
出版社:S&S Publications
摘要:Cloud is becoming a dominant computing platform. Naturally, a question that arises is whether we canbeat notorious DDoS attacks in a cloud environment. Researchers have demonstrated that the essential issue of DDoSattack and defence is resource competition between defenders and attackers. A cloud usually possesses profoundresources, and has full control and dynamic allocation capability of its resources. Therefore, cloud offers us thepotential to overcome DDoS attacks. However, individual cloud hosted servers are still vulnerable to DDoS attacks ifthey still run in the traditional way. In this paper, we propose a dynamic resource allocation strategy to counter DDoSattacks against individual cloud customers. When a DDoS attack occurs, we employ the idle resources of the cloud toclone sufficient intrusion prevention servers for the victim in order to quickly filter out attack packets and guarantee thequality of the service for benign users simultaneously. We establish a mathematical model to approximate the needs ofour resource investment based on queueing theory. Through careful system analysis and real-world data setexperiments, we conclude that we can defeat DDoS attacks in a cloud environment.
