DDoS mitigation

About: DDoS mitigation is a research topic. Over the lifetime, 237 publications have been published within this topic receiving 8082 citations.

DDoS testbed based on peer-to-peer grid

Abstract: Distributed Denial of Service (DDoS) attacks and defence against them poses great challenge in network security. Studying of DDoS mitigation strategies, understanding of secure state of a network as well as the testing of defense appliances is the main purpose of our testbed. The testbed is based on a P2P grid-Our Grid environment and aids to run DDoS attacks on existing nodes of P2P grid to use spreading, control, and attack techniques for testing of real network system. We employ the P2P grid environment to carry out as well as to coordinate DDoS attack on the availability of services to simulate real DDoS attack launched indirectly through many compromised computing systems. The paper gives background, design and experimental practice of the testbed.

DDoS Mitigation and Intrusion Prevention in Content Delivery Networks using Distributed Virtual Honeypots

Abstract: Content Delivery Networks(CDN) is a standout amongst the most encouraging innovations that upgrade performance for its clients’ websites by diverting web demands from browsers to topographically dispersed CDN surrogate nodes. However, due to the variable nature of CDN, it suffers from various security and resource allocation issues. The most common attack which is used to bring down a whole network as well as CDN without even finding a loophole in the security is DDoS. In this proposal, we proposed a distributed virtual honeypot model for diminishing DDoS attacks and prevent intrusion in securing CDN. Honeypots are specially utilized to imitate the primary server with the goal that the attack is alleviated to the fake rather than the main server. Our proposed layer based model utilizes honeypot to be more effective reducing the cost of the system as well as maintaining the smooth delivery in geographically dispersed servers without performance degradation.

A NFV-based Resource Orchestration Algorithm for DDoS Mitigation in MEC

Abstract: With the emergence of computationally intensive and delay sensitive applications, mobile edge computing(MEC) has become more and more popular. Simultaneously, MEC paradigm is faced with security challenges, the most harmful of which is DDoS attack. In this paper, we focus on the resource orchestration algorithm in MEC scenario to mitigate DDoS attack. Most of existing works on resource orchestration algorithm barely take into account DDoS attack. Moreover, they assume that MEC nodes are unselfish, while in practice MEC nodes are selfish and try to maximize their individual utility only, as they usually belong to different network operators. To solve such problems, we propose a price-based resource orchestration algorithm(PROA) using game theory and convex optimization, which aims at mitigating DDoS attack while maximizing the utility of each participant. Pricing resources to simulate market mechanisms, which is national to make rational decisions for all participants. Finally, we conduct experiment using Matlab and show that the proposed PROA can effectively mitigate DDoS attack on the attacked MEC node.