Open Access
Subscription Access
Open Access
Subscription Access
Intrusion Detection and Defense Against DDoS Attack in Virtual Network Systems
Subscribe/Renew Journal
Cloud Security has involved a lot of research in past few years. Generally, attackers can discover vulnerabilities of a cloud system and virtual machines are compromised to install further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks involves many stages such as multi-step utilization, low frequency vulnerability scanning, and compromise identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially the Infrastructure-as-a-Service (IaaS) clouds, the discovery of zombie exploration attacks is really hard. It’s for the reason that the cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, the proposed method is a multi-phase distributed vulnerability detection and protection mechanism as a System called NICE, which is made on attack graph based analytical models and reconfigurable virtual network-based defenses. The suggested framework forces Open Flow network programming APIs to build a monitor and control plane over distributed programmable virtual switches in order to significantly improve attack detection and improve attack consequences. The system and security evaluations exhibit the efficiency and usefulness of the solution proposed for the attack.
Keywords
Network Security, Cloud Computing, Intrusion Detection, Zombie Detection.
User
Subscription
Login to verify subscription
Font Size
Information
Abstract Views: 238
PDF Views: 2