TY - GEN
T1 - Preliminary study of fission defenses against low-volume DoS attacks on proxied multiserver systems
AU - Shan, Yuquan
AU - Kesidis, George
AU - Fleck, Daniel
AU - Stavrou, Angelos
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/7/2
Y1 - 2017/7/2
N2 - Multiserver applications deployed in the public cloud infrastructure continue to be plagued by significant threat of Distributed Denial of Service (DDoS) attacks by large scale botnets, including very notable attack instances just this past Fall. Previously, proposed cloud-based defenses have attempted to address different aspects of this problem including: A proactive moving target approach to combat the reconnaissance phase where the botnet ascertains the identities (IP addresses) of the proxy (indirection) servers, and client-to-proxy-server assignment shuffling to deal with volumetric attacks. In this paper, we describe a 'fission' quarantine approach to deal with low-volume DoS attacks targeting the application servers. We then overview a developing attack-defense emulation platform. Finally, we give the results of a preliminary, model based numerical evaluation of the performance and cost of fission defense.
AB - Multiserver applications deployed in the public cloud infrastructure continue to be plagued by significant threat of Distributed Denial of Service (DDoS) attacks by large scale botnets, including very notable attack instances just this past Fall. Previously, proposed cloud-based defenses have attempted to address different aspects of this problem including: A proactive moving target approach to combat the reconnaissance phase where the botnet ascertains the identities (IP addresses) of the proxy (indirection) servers, and client-to-proxy-server assignment shuffling to deal with volumetric attacks. In this paper, we describe a 'fission' quarantine approach to deal with low-volume DoS attacks targeting the application servers. We then overview a developing attack-defense emulation platform. Finally, we give the results of a preliminary, model based numerical evaluation of the performance and cost of fission defense.
UR - http://www.scopus.com/inward/record.url?scp=85050894165&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85050894165&partnerID=8YFLogxK
U2 - 10.1109/MALWARE.2017.8323958
DO - 10.1109/MALWARE.2017.8323958
M3 - Conference contribution
AN - SCOPUS:85050894165
T3 - Proceedings of the 2017 12th International Conference on Malicious and Unwanted Software, MALWARE 2017
SP - 67
EP - 74
BT - Proceedings of the 2017 12th International Conference on Malicious and Unwanted Software, MALWARE 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 12th International Conference on Malicious and Unwanted Software, MALWARE 2017
Y2 - 11 October 2017 through 14 October 2017
ER -