Optimal Load Distribution for the Detection of VM-Based DDoS Attacks in the Cloud
Author: | Azzam Mourad, Jamal Bentahar, Omar Abdel Wahab, Hadi Otrok |
---|---|
Publication year: | 2020 |
Subject: |
Information Systems and Management; Exploit; Computer Networks and Communications; business.industry; Computer science; Distributed computing; Application layer DDoS attack; 020206 networking & telecommunications; Hypervisor; Cloud computing; Denial-of-service attack; 02 engineering and technology; computer.software_genre; Virtualization; Computer Science Applications; Hardware and Architecture; Virtual machine; Server; 0202 electrical engineering, electronic engineering, information engineering; 020201 artificial intelligence & image processing; business; computer; Computer network |
Source: | IEEE Transactions on Services Computing. 13:114-129 |
ISSN: | 2372-0204 |
DOI: | 10.1109/tsc.2017.2694426 |
Description: | Distributed Denial of Service (DDoS) constitutes a major threat against cloud systems owing to the large financial losses it incurs. This motivated the security research community to investigate numerous detection techniques to limit such attacks' effects. Yet, the existing solutions are still not mature enough to satisfy a cloud-dedicated detection system's requirements since they overlook the attacker's wily strategies that exploit the cloud's elastic and multi-tenant properties, and ignore the cloud system's resource constraints. Motivated by this fact, we propose a two-fold solution that allows, first, the hypervisor to establish credible trust relationships toward guest Virtual Machines (VMs) by considering objective and subjective trust sources and employing Bayesian inference to aggregate them. On top of the trust model, we design a trust-based maximin game between DDoS attackers trying to minimize the cloud system's detection and the hypervisor trying to maximize this minimization under a limited budget of resources. The game solution guides the hypervisor to determine the optimal detection load distribution among VMs in real-time that maximizes DDoS attacks' detection. Experimental results reveal that our solution maximizes attacks' detection, decreases false positives and negatives, and minimizes CPU, memory and bandwidth consumption during DDoS attacks compared to the existing detection load distribution techniques. |
Database: | OpenAIRE |
External link: |