
Basic article information

  • Title: An Improved DDoS TCP Flood Attack Defence System in a Cloud Environment
  • Authors: Anupriya Dubey ; Pankaj Jain
  • Journal: International Journal of Innovative Research in Computer and Communication Engineering
  • Print ISSN: 2320-9798
  • Online ISSN: 2320-9801
  • Year of publication: 2019
  • Volume: 7
  • Issue: 2
  • Pages: 1473-1486
  • DOI: 10.15680/IJIRCCE.2019.0702155
  • Publisher: S&S Publications
  • Abstract: Network firewalls act as the first line of defence against unwanted and malicious traffic targeting Internet servers. Predicting the overall firewall performance is crucial to network security engineers and designers in assessing the effectiveness and resiliency of network firewalls against DDoS (Distributed Denial of Service) attacks such as those commonly launched by today’s botnets. The Distributed Denial-of-Service (DDoS) attack is a major threat to the cloud environment. Traditional defending approaches cannot be easily applied in cloud security due to their relatively low efficiency and large storage, to name a few. Distributed denial of service (DDoS) attacks are the second most prevalent cybercrime attacks after information theft. DDoS TCP flood attacks can exhaust the cloud's resources, consume most of its bandwidth, and damage an entire cloud project within a short period of time. The timely detection and prevention of such attacks in cloud projects are therefore vital. The proposed system offers a solution to securing the system by real-time packet monitoring and stored records, by classifying the incoming packets and making a decision based on the classification results. During the detection phase, the system identifies and determines whether a packet is normal or originates from an attacker. During the prevention phase, packets that are classified as malicious will be denied access to the cloud service and the source IP will be blacklisted. Virtualization for the cloud, the packet analyzer Wireshark and a support vector machine (SVM) are used to implement the proposed system. The performance of the proposed system is compared using the different existing systems with different types of classification and packet filtering and analyzing techniques like OSSEC. The results show that the proposed system yields the best performance with the modified classification and packet filtering technique in real time with improved efficiency.
  • Keywords: DDoS Attack; Cloud; Virtualization; SVM; Wireshark; IP Packets; OSSEC