Scale Inside-Out: Rapid Mitigation of Cloud DDoS Attacks
Author: | Gaurav Somani, Dheeraj Sanghi, Mauro Conti, Manoj Singh Gaur, Muttukrishnan Rajarajan |
---|---|
Publication year: | 2018 |
Subject: | QA75; Cyber threat intelligence; Computer science; Application layer DDoS attack; Denial-of-service attack; Cloud computing; 02 engineering and technology; Computer security; computer.software_genre; DDoS mitigation; Resource (project management); 0202 electrical engineering, electronic engineering, information engineering; Resource management; Electrical and Electronic Engineering; Downtime; business.industry; cloud computing; security and protection (e.g., firewalls); 020206 networking & telecommunications; TA; DDoS attacks; 020201 artificial intelligence & image processing; business; computer; Trinoo; Computer network |
Source: | IEEE Transactions on Dependable and Secure Computing. 15:959-973 |
ISSN: | 2160-9209 1545-5971 |
DOI: | 10.1109/tdsc.2017.2763160 |
Description: | The distributed denial of service (DDoS) attacks in cloud computing require quick absorption of attack data. DDoS attack mitigation is usually achieved by dynamically scaling the cloud resources so as to quickly identify the onslaught features to combat the attack. The resource scaling comes with an additional cost which may prove to be a huge disruptive cost in the cases of longer, sophisticated, and repetitive attacks. In this work, we address an important problem: whether the resource scaling during an attack always results in rapid DDoS mitigation. For this purpose, we conduct real-time DDoS attack experiments to study the attack absorption and attack mitigation for various target services in the presence of dynamic cloud resource scaling. We found that activities such as attack absorption, which provide timely attack data input to attack analytics, are adversely compromised by the heavy resource usage generated by the attack. We show that the operating system level local resource contention, if reduced during attacks, can expedite the overall attack mitigation. The attack mitigation would otherwise not be completed by the dynamic scaling of resources alone. We conceived a novel relation which terms “Resource Utilization Factor” for each incoming request as the major component in forming the resource contention. To overcome these issues, we propose a new “Scale Inside-out” approach which, during attacks, reduces the “Resource Utilization Factor” to a minimal value for quick absorption of the attack. The proposed approach sacrifices victim service resources and provides those resources to mitigation service in addition to other co-located services to ensure resource availability during the attack. Experimental evaluation shows up to 95 percent reduction in total attack downtime of the victim service in addition to considerable improvement in attack detection time, service reporting time, and downtime of co-located services. |
Database: | OpenAIRE |