TY - GEN
T1 - Cloud-side shuffling defenses against ddos attacks on proxied multiserver systems
AU - Shan, Yuquan
AU - Kesidis, George
AU - Fleck, Daniel
N1 - Publisher Copyright:
© 2017 Association for Computing Machinery.
PY - 2017/11/3
Y1 - 2017/11/3
N2 - We consider a cloud based multiserver system, consisting of a set of replica application servers behind a set of proxy (indirection) servers which interact directly with clients over the Internet. We address cloud-side proactive and reactive defenses to combat DDoS attacks that may target this system. DDoS attacks are endemic with some notable attacks occurring just this past fall. Volumetric attacks may target proxies while "low volume" attacks may target replicas. After reviewing existing and proposed defenses, such as changing proxy IP addresses (a "moving target" technique to combat the reconnaissance phase of the botnet) and fission of overloaded servers, we focus on evaluation of defenses based on shuffling client-To-server assignments that can be both proactive and reactive to a DDoS attack. Our evaluations are based on a binomial distribution model that well agrees with simulations and preliminary experiments on a prototype that is also described.
AB - We consider a cloud based multiserver system, consisting of a set of replica application servers behind a set of proxy (indirection) servers which interact directly with clients over the Internet. We address cloud-side proactive and reactive defenses to combat DDoS attacks that may target this system. DDoS attacks are endemic with some notable attacks occurring just this past fall. Volumetric attacks may target proxies while "low volume" attacks may target replicas. After reviewing existing and proposed defenses, such as changing proxy IP addresses (a "moving target" technique to combat the reconnaissance phase of the botnet) and fission of overloaded servers, we focus on evaluation of defenses based on shuffling client-To-server assignments that can be both proactive and reactive to a DDoS attack. Our evaluations are based on a binomial distribution model that well agrees with simulations and preliminary experiments on a prototype that is also described.
UR - http://www.scopus.com/inward/record.url?scp=85037040862&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85037040862&partnerID=8YFLogxK
U2 - 10.1145/3140649.3140650
DO - 10.1145/3140649.3140650
M3 - Conference contribution
AN - SCOPUS:85037040862
T3 - CCSW 2017 - Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017
SP - 1
EP - 10
BT - CCSW 2017 - Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017
PB - Association for Computing Machinery, Inc
T2 - 8th ACM Cloud Computing Security Workshop, CCSW 2017
Y2 - 3 November 2017
ER -