Optimal Monitor Placement Policy Against Distributed Denial-of-Service Attack in Datacenter

Rajorshi Biswas, Jie Wu, Yang Chen

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations


A distributed denial-of-service (DDoS) attack is a cyber-attack in which multiple attackers send out a huge number of requests to exhaust the capacity of a server, so that it can no longer serve incoming requests. In this paper, we propose a mechanism to protect against DDoS attacks originated within a datacenter. Our system is composed of two parts: flow monitoring and traffic filtering. In flow monitoring, we formulate two problems: one for finding flow assignments to monitors and another for selecting best locations of monitors. The first problem considers that the locations of monitors are predefined by the cloud provider and we provide an optimal solution. The second problem considers that the locations of monitors are not predetermined and there is a limit on the number of monitors. We propose a greedy solution for the second problem. The traffic filtering is trivial, as the DDoS flow can be blocked from the hypervisor of the source virtual machine. We present simulation results that strengthen support for our solutions.

Original languageEnglish (US)
Title of host publicationProceedings - 2019 Resilience Week, RWS 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages7
ISBN (Electronic)9781728121352
StatePublished - Nov 2019
Event2019 Resilience Week, RWS 2019 - San Antonio, United States
Duration: Nov 4 2019Nov 7 2019

Publication series

NameProceedings - 2019 Resilience Week, RWS 2019


Conference2019 Resilience Week, RWS 2019
Country/TerritoryUnited States
CitySan Antonio

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality
  • Energy Engineering and Power Technology
  • Social Psychology


Dive into the research topics of 'Optimal Monitor Placement Policy Against Distributed Denial-of-Service Attack in Datacenter'. Together they form a unique fingerprint.

Cite this