FVDAMP: Fully Virtualized DDoS Attack Mitigation Procedure in Hybrid Clouds

IJCSEC Front Page

Distributed Denial of Service (DDoS) attacks are one of the main concerns for online service providers because of their impact on cost, revenue and reputation. This paper presents a novel platform, the Fully Virtualized DDoS Attack Mitigation Procedure (FVDAMP), that mitigates DDoS attacks on public cloud applications using the capabilities of software-defined infrastructure and network function virtualization techniques. When suspicious traffic is identified, FVDAMP deploys a copy of the application’s topology on-the-fly (a shark tank) in an isolated environment in a private cloud. FVDAMP then creates a virtual network that will host the shark tank. The suspicious traffic is redirected to the shark tank until a final decision is made by the Software-Defined Data Center (SDDC) network controller, which programs the virtual switches dynamically. If the traffic is proved not to be malicious, the SDDC controller installs flow rules on the switches to redirect the traffic back to the original application. Thus, FVDAMP protects applications automatically against potential DDoS threats and, by leveraging resources from a private cloud, lowers the false positives associated with common detection mechanisms.

Keywords: FVDAMP, DDoS, Hybrid Clouds
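A minimal model of the redirect-and-return flow described in the abstract, added here as an illustration and not taken from the paper. The per-source rate threshold used as the detector, the destination labels, the sample addresses and the handling of confirmed-malicious sources are all assumptions.

```python
from dataclasses import dataclass
from typing import Optional

APP, SHARK_TANK = "public-app", "shark-tank"   # constructed destination labels

@dataclass
class Rule:
    match: Optional[str]   # source address, or None for the wildcard default
    dest: str
    priority: int

class VirtualSwitch:
    """Flow table where the highest-priority matching rule wins."""
    def __init__(self):
        self.table = [Rule(None, APP, 0)]      # default path to the application

    def install(self, rule):
        # A new rule for the same match replaces the old one.
        self.table = [r for r in self.table if r.match != rule.match] + [rule]

    def forward(self, src):
        hits = [r for r in self.table if r.match in (None, src)]
        return max(hits, key=lambda r: r.priority).dest

class Controller:
    """Stand-in for the SDDC network controller that programs the switch."""
    def __init__(self, switch, rate_limit):
        self.switch, self.rate_limit = switch, rate_limit
        self.under_review = set()

    def observe(self, src, req_per_s):
        # Assumed detector: flag any source above a fixed request rate.
        if req_per_s > self.rate_limit and src not in self.under_review:
            self.under_review.add(src)
            self.switch.install(Rule(src, SHARK_TANK, 100))

    def decide(self, src, malicious):
        # Final decision, made while the source is confined to the shark tank.
        if src not in self.under_review:
            return
        self.under_review.discard(src)
        if not malicious:
            self.switch.install(Rule(src, APP, 100))   # redirect back
        # Assumption: confirmed-malicious sources stay pinned to the shark tank.

def demo():
    sw = VirtualSwitch()
    ctl = Controller(sw, rate_limit=200)
    samples = [("198.51.100.7", 950), ("203.0.113.9", 40), ("192.0.2.44", 610)]  # constructed
    for src, rate in samples:
        ctl.observe(src, rate)
    during = {s: sw.forward(s) for s, _ in samples}
    ctl.decide("198.51.100.7", malicious=True)
    ctl.decide("192.0.2.44", malicious=False)   # a false positive is released
    return during, {s: sw.forward(s) for s, _ in samples}
```

The second dictionary returned by `demo()` shows the false-positive path: the flagged but benign source reaches the application again without the production topology ever having served it while it was under review.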

