Username   Password       Forgot your password?  Forgot your username? 


Volume 14 - 2018

No.1 January 2018
No.1 January 2018
No.3 March 2018
No.3 March 2018
No.4 April 2018
No.4 April 2018
No.5 May 2018
No.5 May 2018
No.6 June 2018
No.6 June 2018

Volume 13 - 2017

No.4 July 2017
No.4 July 2017
No.5 September 2017
No.5 September 2017
No.7 November 2017
No.7 November 2017
No.8 December 2017
No.8 December 2017

Volume 12 - 2016

Volume 11 - 2015

Volume 10 - 2014

Volume 9 - 2013

Volume 8 - 2012

Volume 7 - 2011

Volume 6 - 2010

Volume 5 - 2009

Volume 4 - 2008

Volume 3 - 2007

Volume 2 - 2006


DDoS Attacks Defense Mechanism based on Secure Routing Alliance

Volume 14, Number 3, March 2018, pp. 512-520
DOI: 10.23940/ijpe.18.03.p12.512520

Xiaohui Yang and Yue Yu

School of Cyberspace Security and Computer, Hebei University, Baoding, 071002, China

(Submitted on December 25, 2017; Revised on January 16, 2018; Accepted on February 20, 2018)


Distributed Denial of Service (DDoS) attacks on the cloud computing platform has become one of the key issues affecting cloud security. According to the sources of security threat of cloud computing platform, construct secure routing alliance, filter and resist DDoS from the route of cloud user to cloud computing center, design data forwarding mechanism and fault nodes replacement mechanism. The strategy of secure overlay services is combined with the structural characteristics of the ubiquitous routing platform to defend against DDoS attacks. The Chord ring is improved, the nodes are divided according to the distance in the physical network, and the Chord algorithm is avoided repeatedly ignoring the forwarding of physical paths. Since the original Chord algorithm is applied to the P2P network, in order to make it more suitable for the hierarchical physical topology, only the first three jumps of the Chord algorithm's query steps are taken. Fault nodes replacement mechanism uses virtual machine technology to convert nodes in the network into a large number of virtual nodes and serve as backup nodes in the security structure in time to replace the attacked nodes with backup nodes to minimize the impact of attacks on the nodes. The simulation results show that with the increase of the number of nodes, the data passing rate of the secure routing alliance can exceed 90% and the pass rate can be guaranteed to be over 35% when the number of attack nodes is large, which ensures data security and the availability of the transmission paths.


References: 21

  1. A. Bakshi and B. Yogesh, “Securing Cloud from DDOS Attacks Using Intrusion Detection System in Virtual Machine,” Communication Software and Networks, pp. 260-264, 2010.
  2. Cloud Security Alliance, “Top Threats to Cloud Computing,”, August 2015.
  3. X. Chen, H. Cheng, and Z. J. Zheng, “Cloud Computing Virtualization Technology Development and Trends”, Electronic Technology and Software Engineering, no. 21, 2017.
  4. T. Erl, Z. Mahmood, and R. Puttini, “Cloud Computing Concepts, Technology and Architecture,” Mechanical Industry Press, Beijing, China, pp. 14-76, 2014.
  5. W. Han, “Research on DDoS Attacks Defense based on Hadoop Cloud Computing Platform,” Taiyuan University of Science and Technology, Taiyuan, China, 2011.
  6. Z. J. Han, “Defence of Denial of Service Attack based on Cloud Computing Platform,” Institute of Information Technology, vol. 37, no. 3, pp. 67-69, 2011.
  7. C. H. In, C. S. Hong, and J. Wei, “An Enhanced SOS Architecture for DDoS Attacks Defense Using Active Network Technology,” Proceedings of Advanced Industrial Conference on Telecommunications/ Service Assurance with Partial and Intermittent Resources Conference/ Learning on Telecommunications Workshop, Lisbon, Portugal, pp. 90-95, 2005.
  8. A. D. Keromytis, V. Misra, and D. Rubenstein, “SOS: An Architecture for Mitigating DDoS Attacks,” IEEE Journal on Selected Areas in Communications, vol. 22, no. 1, pp. 176-187, 2004.
  9. G. Q. Lu, “Ubiquitous Routing Platform of Cloud Computing,” Journal of Information Security and Technology, pp. 106-108, August 2010.
  10. R. Sahay, G. Blanc, Z. Zhang, and H. Debar, “Towards Autonomic DDoS Mitigation Using Software Defined Networking,” NDSS Workshop on Security of Emerging Networking Technologies, Internet Society, 2015.
  11. G. Somani, M. S. Gaur, D. Sanghi, M. Conti, M. Rajarajan, and R. Buyya, “Combating DDoS Attacks in the Cloud: Requirements, Trends, and Future Directions,” IEEE Cloud Computing, 2017.
  12. A. Stavrou and A. D. Keromytis, “Countering DoS Attacks with Stateless Multipath Overlays,” Proceedings of the 12th ACM Conference on Computer and Communications Security CCS'05, pp. 249-259, Virginia, USA, 2005.
  13. S. C. Tsai, I. H. Liu, C. Lu, C. H. Chang, and J. S. Li, “Defending Cloud Computing Environment against the Challenge of DDoS Attacks based on Software Defined Network,” in Advances in Intelligent Information Hiding and Multimedia Signal Processing: Proceeding of the Twelfth International Conference on Intelligent Information Hiding and Multimedia Signal Processing, vol. 1, pp. 21–292, 2017.
  14. X. Wang, M. Chen, and C. Xing, “SDSNM: A Software Defined Security Networking Mechanism to Defend Against DDoS Attacks,” in Frontier of Computer Science and Technology (FCST), 2015 Ninth International Conference on, IEEE, pp. 115–121, 2015.
  15. X. Wang, S. Chellappan, and P. Boyer, “On the Effectiveness of Secure Overlay Forwarding Systems under Intelligent Distributed DoS Attacks,” IEEE Transactions on Parallel and Distributed Systems, vol. 17, no. 7, pp. 619-632, 2006.
  16. Y. Wang, J. Ma, D. Lu, X. Lu, and L. Zhang, “From High-Availability to Collapse: Quantitative Analysis of ‘Cloud Droplet Freezing’ Attack Threats to Virtual Machine Migration in Cloud Computing,” Cluster Computing. vol. 17, no. 4, pp. 1369–1381, 2014.
  17. Z. J. Wu, Y. Cui, and M. Yue, “Defensive DDoS Attack Method based on Virtual Hash Secure Access Path VHSAP for Cloud Computing Routing Platforms,” Journal of Communication, vol. 36, no. 1, pp. 34-41, 2015.
  18. D. Xuan, S. Chellappan, and X. Wang, “Analyzing the Secure Overlay Services Architecture under Intelligent DDoS Attacks,” Proceedings of the 24th International Conference on Distributed Computing Systems, pp. 408-417, Tokyo, Japan,2004.
  19. Q. Yan and F. Yu, “Distributed Denial of Service Attacks in Software Defined Networking with Cloud Computing,” Commun. Mag. IEEE, vol.53, no. 4, pp. 52-59, 2015.
  20. G. Yossi, H. Amir, S. Michael, and G. Michael, “CDN on Demand: An Affordable DDoS Defense via Untrusted Clouds,” Network and Distributed System Security Symposium (NDSS), 2016.
  21. Y. L. Zhao and J. Zhang, “OMNeT++ and Network Simulation,” People's Posts and Telecommunications Press, pp. 22-102, Beijing, China, 2012.


Please note : You will need Adobe Acrobat viewer to view the full articles.Get Free Adobe Reader

Download this file (IJPE-2018-03-12.pdf)IJPE-2018-03-12.pdf[DDoS Attacks Defense Mechanism based on Secure Routing Alliance]440 Kb


Prev Next

Temporal Multiscale Consumption Strategies of Intermittent Energy based on Parallel Computing

Huifen Chen, Yiming Zhang, Feng Yao, Zhice Yang, Fang Liu, Yi Liu, Zhiheng Li, and Jinggang Wang

Read more

Decision Tree Incremental Learning Algorithm Oriented Intelligence Data

Hongbin Wang, Ci Chu, Xiaodong Xie, Nianbin Wang, and Jing Sun

Read more

Spark-based Ensemble Learning for Imbalanced Data Classification

Jiaman Ding, Sichen Wang, Lianyin Jia, Jinguo You, and Ying Jiang

Read more

Classification Decision based on a Hybrid Method of Weighted kNN and Hyper-Sphere SVM

Peng Chen, Guoyou Shi, Shuang Liu, Yuanqiang Zhang, and Denis Špelič

Read more

An Improved Algorithm based on Time Domain Network Evolution

Guanghui Yan, Qingqing Ma, Yafei Wang, Yu Wu, and Dan Jin

Read more

Auto-Tuning for Solving Multi-Conditional MAD Model

Feng Yao, Yi Liu, Huifen Chen, Chen Li, Zhonghua Lu, Jinggang Wang, Zhiheng Li, and Ningming Nie

Read more

Smart Mine Construction based on Knowledge Engineering and Internet of Things

Xiaosan Ge, Shuai Su, Haiyang Yu, Gang Chen, and Xiaoping Lu

Read more

A Mining Model of Network Log Data based on Hadoop

Yun Wu, Xin Ma, Guangqian Kong, Bin Wang, and Xinwei Niu

Read more
This site uses encryption for transmitting your passwords.