Networking and Communication Engineering

Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

Intrusion Detection and Defense Against DDoS Attack in Virtual Network Systems


Affiliations
1 Department of Computer Science, Saveetha School of Engineering, Saveetha University, Thandalam, Chennai, India
2 Computer Science Department, Saveetha School of Engineering, Saveetha University, Thandalam, Chennai, India
     

   Subscribe/Renew Journal


Cloud Security has involved a lot of research in past few years. Generally, attackers can discover vulnerabilities of a cloud system and virtual machines are compromised to install further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks involves many stages such as multi-step utilization, low frequency vulnerability scanning, and compromise identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially the Infrastructure-as-a-Service (IaaS) clouds, the discovery of zombie exploration attacks is really hard. It’s for the reason that the cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, the proposed method is a multi-phase distributed vulnerability detection and protection mechanism as a System called NICE, which is made on attack graph based analytical models and reconfigurable virtual network-based defenses. The suggested framework forces Open Flow network programming APIs to build a monitor and control plane over distributed programmable virtual switches in order to significantly improve attack detection and improve attack consequences. The system and security evaluations exhibit the efficiency and usefulness of the solution proposed for the attack.

Keywords

Network Security, Cloud Computing, Intrusion Detection, Zombie Detection.
User
Subscription Login to verify subscription
Notifications
Font Size

Abstract Views: 187

PDF Views: 2




  • Intrusion Detection and Defense Against DDoS Attack in Virtual Network Systems

Abstract Views: 187  |  PDF Views: 2

Authors

S. Raichal
Department of Computer Science, Saveetha School of Engineering, Saveetha University, Thandalam, Chennai, India
R. Nedunchelian
Computer Science Department, Saveetha School of Engineering, Saveetha University, Thandalam, Chennai, India

Abstract


Cloud Security has involved a lot of research in past few years. Generally, attackers can discover vulnerabilities of a cloud system and virtual machines are compromised to install further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks involves many stages such as multi-step utilization, low frequency vulnerability scanning, and compromise identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially the Infrastructure-as-a-Service (IaaS) clouds, the discovery of zombie exploration attacks is really hard. It’s for the reason that the cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, the proposed method is a multi-phase distributed vulnerability detection and protection mechanism as a System called NICE, which is made on attack graph based analytical models and reconfigurable virtual network-based defenses. The suggested framework forces Open Flow network programming APIs to build a monitor and control plane over distributed programmable virtual switches in order to significantly improve attack detection and improve attack consequences. The system and security evaluations exhibit the efficiency and usefulness of the solution proposed for the attack.

Keywords


Network Security, Cloud Computing, Intrusion Detection, Zombie Detection.