Username   Password       Forgot your password?  Forgot your username? 

ISSUES BY YEAR

Volume 15 - 2019

No.1 January 2019
No.1 January 2019
No.2 February 2019
No.2 February 2019
No.3 March 2019
No.3 March 2019
No.4 April 2019
No.4 April 2019
No.5 May 2019
No.5 May 2019

Volume 14 - 2018

No.1 January 2018
No.1 January 2018
No.3 March 2018
No.3 March 2018
No.4 April 2018
No.4 April 2018
No.5 May 2018
No.5 May 2018
No.6 June 2018
No.6 June 2018
No.7 July 2018
No.7 July 2018
No.8 August 2018
No.8 August 2018
No.9 September 2018
No.9 September 2018
No.10 October 2018
No.10 October 2018
No.11 November 2018
No.11 November 2018
No.12 December 2018
No.12 December 2018

Volume 13 - 2017

No.4 July 2017
No.4 July 2017
No.5 September 2017
No.5 September 2017
No.7 November 2017
No.7 November 2017
No.8 December 2017
No.8 December 2017

Volume 12 - 2016

Volume 11 - 2015

Volume 10 - 2014

Volume 9 - 2013

Volume 8 - 2012

Volume 7 - 2011

Volume 6 - 2010

Volume 5 - 2009

Volume 4 - 2008

Volume 3 - 2007

Volume 2 - 2006

 

DDoS Attacks Defense Mechanism based on Secure Routing Alliance

Volume 14, Number 3, March 2018, pp. 512-520
DOI: 10.23940/ijpe.18.03.p12.512520

Xiaohui Yang and Yue Yu

School of Cyberspace Security and Computer, Hebei University, Baoding, 071002, China

(Submitted on December 25, 2017; Revised on January 16, 2018; Accepted on February 20, 2018)


Abstract:

Distributed Denial of Service (DDoS) attacks on the cloud computing platform has become one of the key issues affecting cloud security. According to the sources of security threat of cloud computing platform, construct secure routing alliance, filter and resist DDoS from the route of cloud user to cloud computing center, design data forwarding mechanism and fault nodes replacement mechanism. The strategy of secure overlay services is combined with the structural characteristics of the ubiquitous routing platform to defend against DDoS attacks. The Chord ring is improved, the nodes are divided according to the distance in the physical network, and the Chord algorithm is avoided repeatedly ignoring the forwarding of physical paths. Since the original Chord algorithm is applied to the P2P network, in order to make it more suitable for the hierarchical physical topology, only the first three jumps of the Chord algorithm's query steps are taken. Fault nodes replacement mechanism uses virtual machine technology to convert nodes in the network into a large number of virtual nodes and serve as backup nodes in the security structure in time to replace the attacked nodes with backup nodes to minimize the impact of attacks on the nodes. The simulation results show that with the increase of the number of nodes, the data passing rate of the secure routing alliance can exceed 90% and the pass rate can be guaranteed to be over 35% when the number of attack nodes is large, which ensures data security and the availability of the transmission paths.

 

References: 21

  1. A. Bakshi and B. Yogesh, “Securing Cloud from DDOS Attacks Using Intrusion Detection System in Virtual Machine,” Communication Software and Networks, pp. 260-264, 2010.
  2. Cloud Security Alliance, “Top Threats to Cloud Computing,”  https://cloudsecurityalliance.org/group/top-threat, August 2015.
  3. X. Chen, H. Cheng, and Z. J. Zheng, “Cloud Computing Virtualization Technology Development and Trends”, Electronic Technology and Software Engineering, no. 21, 2017.
  4. T. Erl, Z. Mahmood, and R. Puttini, “Cloud Computing Concepts, Technology and Architecture,” Mechanical Industry Press, Beijing, China, pp. 14-76, 2014.
  5. W. Han, “Research on DDoS Attacks Defense based on Hadoop Cloud Computing Platform,” Taiyuan University of Science and Technology, Taiyuan, China, 2011.
  6. Z. J. Han, “Defence of Denial of Service Attack based on Cloud Computing Platform,” Institute of Information Technology, vol. 37, no. 3, pp. 67-69, 2011.
  7. C. H. In, C. S. Hong, and J. Wei, “An Enhanced SOS Architecture for DDoS Attacks Defense Using Active Network Technology,” Proceedings of Advanced Industrial Conference on Telecommunications/ Service Assurance with Partial and Intermittent Resources Conference/ Learning on Telecommunications Workshop, Lisbon, Portugal, pp. 90-95, 2005.
  8. A. D. Keromytis, V. Misra, and D. Rubenstein, “SOS: An Architecture for Mitigating DDoS Attacks,” IEEE Journal on Selected Areas in Communications, vol. 22, no. 1, pp. 176-187, 2004.
  9. G. Q. Lu, “Ubiquitous Routing Platform of Cloud Computing,” Journal of Information Security and Technology, pp. 106-108, August 2010.
  10. R. Sahay, G. Blanc, Z. Zhang, and H. Debar, “Towards Autonomic DDoS Mitigation Using Software Defined Networking,” NDSS Workshop on Security of Emerging Networking Technologies, Internet Society, 2015.
  11. G. Somani, M. S. Gaur, D. Sanghi, M. Conti, M. Rajarajan, and R. Buyya, “Combating DDoS Attacks in the Cloud: Requirements, Trends, and Future Directions,” IEEE Cloud Computing, 2017.
  12. A. Stavrou and A. D. Keromytis, “Countering DoS Attacks with Stateless Multipath Overlays,” Proceedings of the 12th ACM Conference on Computer and Communications Security CCS'05, pp. 249-259, Virginia, USA, 2005.
  13. S. C. Tsai, I. H. Liu, C. Lu, C. H. Chang, and J. S. Li, “Defending Cloud Computing Environment against the Challenge of DDoS Attacks based on Software Defined Network,” in Advances in Intelligent Information Hiding and Multimedia Signal Processing: Proceeding of the Twelfth International Conference on Intelligent Information Hiding and Multimedia Signal Processing, vol. 1, pp. 21–292, 2017.
  14. X. Wang, M. Chen, and C. Xing, “SDSNM: A Software Defined Security Networking Mechanism to Defend Against DDoS Attacks,” in Frontier of Computer Science and Technology (FCST), 2015 Ninth International Conference on, IEEE, pp. 115–121, 2015.
  15. X. Wang, S. Chellappan, and P. Boyer, “On the Effectiveness of Secure Overlay Forwarding Systems under Intelligent Distributed DoS Attacks,” IEEE Transactions on Parallel and Distributed Systems, vol. 17, no. 7, pp. 619-632, 2006.
  16. Y. Wang, J. Ma, D. Lu, X. Lu, and L. Zhang, “From High-Availability to Collapse: Quantitative Analysis of ‘Cloud Droplet Freezing’ Attack Threats to Virtual Machine Migration in Cloud Computing,” Cluster Computing. vol. 17, no. 4, pp. 1369–1381, 2014.
  17. Z. J. Wu, Y. Cui, and M. Yue, “Defensive DDoS Attack Method based on Virtual Hash Secure Access Path VHSAP for Cloud Computing Routing Platforms,” Journal of Communication, vol. 36, no. 1, pp. 34-41, 2015.
  18. D. Xuan, S. Chellappan, and X. Wang, “Analyzing the Secure Overlay Services Architecture under Intelligent DDoS Attacks,” Proceedings of the 24th International Conference on Distributed Computing Systems, pp. 408-417, Tokyo, Japan,2004.
  19. Q. Yan and F. Yu, “Distributed Denial of Service Attacks in Software Defined Networking with Cloud Computing,” Commun. Mag. IEEE, vol.53, no. 4, pp. 52-59, 2015.
  20. G. Yossi, H. Amir, S. Michael, and G. Michael, “CDN on Demand: An Affordable DDoS Defense via Untrusted Clouds,” Network and Distributed System Security Symposium (NDSS), 2016.
  21. Y. L. Zhao and J. Zhang, “OMNeT++ and Network Simulation,” People's Posts and Telecommunications Press, pp. 22-102, Beijing, China, 2012.

 

Please note : You will need Adobe Acrobat viewer to view the full articles.Get Free Adobe Reader

Attachments:
Download this file (IJPE-2018-03-12.pdf)IJPE-2018-03-12.pdf[DDoS Attacks Defense Mechanism based on Secure Routing Alliance]440 Kb
 

CURRENT ISSUE

Prev Next

Cascaded Trust Network-based Block-Incremental Recommendation Strategy

Shujuan Ji, Da Li, Qing Zhang, Chunjin Zhang, and Chunxiao Bao

Read more

Cuckoo-based Malware Dynamic Analysis

Lele Wang, Binqiang Wang, Jiangang Liu, Qiguang Miao, and Jianhui Zhang

Read more

Colorization for Anime Sketches with Cycle-Consistent Adversarial Network

Guanghua Zhang, Mengnan Qu, Yuhao Jin, and Qingpeng Song

Read more

Bayesian Network Model for Learning Arithmetic Concepts

Yali Lv, Tong Jing, Yuhua Qian, Jiye Liang, Jianai Wu, and Junzhong Miao

Read more

Collaboration System Design of the Transportation Platform

Zhongwen Wang, Dong Liang, Ruizhen Duan, and Mingshan Chi

Read more

Specific Emitter Identification based on Power Amplifier

Zhen Zhang, Jie Chang, Mengqiu Chai, and Nan Tang

Read more

NRSSD: Normalizing Received Signal Strength to Address Device Diversity Problem in Fingerprinting Po…

Chunxiu Li, Jianli Zhao, Qiuxia Sun, Xiang Gao, Guoqiang Sun, and Chendi Zhu

Read more

Fast AIS Data Decoding Algorithm for Multi-Core CPU

Xiangkun Zeng, Huaran Yan, Yingjie Xiao and Xiaoming Yang

Read more
This site uses encryption for transmitting your passwords. ratmilwebsolutions.com