TY - GEN
T1 - Defending cloud computing environment against the challenge of DDoS attacks based on software defined network
AU - Tsai, Shuen Chih
AU - Liu, I. Hsien
AU - Lu, Chien Tung
AU - Chang, Chan Hua
AU - Li, Jung Shian
N1 - Publisher Copyright:
© Springer International Publishing AG 2017.
PY - 2017
Y1 - 2017
N2 - With the explosive growth of cloud computing, virtualization technology has become more and more mature. However, it also increases the complexity of the network topology and causes many new important issues. One of the important issues is the security problem. It is hard to directly monitor the network traffic between Virtual Machines (VMs) through the external network devices, which make VMs more vulnerable in virtual environments. This research focuses on how to efficiently and rapidly protect VMs from malicious attacks without consuming its resources. We combine virtualization platform with the concept of Defense in Depth based on Software Defined Network (SDN), and implement a real-time detection and defense system for DDoS attacks. Moreover, we propose an enhanced entropy-based DDoS detection method to improve its detection accuracy, and we deploy it in SDN architecture.
AB - With the explosive growth of cloud computing, virtualization technology has become more and more mature. However, it also increases the complexity of the network topology and causes many new important issues. One of the important issues is the security problem. It is hard to directly monitor the network traffic between Virtual Machines (VMs) through the external network devices, which make VMs more vulnerable in virtual environments. This research focuses on how to efficiently and rapidly protect VMs from malicious attacks without consuming its resources. We combine virtualization platform with the concept of Defense in Depth based on Software Defined Network (SDN), and implement a real-time detection and defense system for DDoS attacks. Moreover, we propose an enhanced entropy-based DDoS detection method to improve its detection accuracy, and we deploy it in SDN architecture.
UR - http://www.scopus.com/inward/record.url?scp=85005959773&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85005959773&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-50209-0_35
DO - 10.1007/978-3-319-50209-0_35
M3 - Conference contribution
AN - SCOPUS:85005959773
SN - 9783319502083
T3 - Smart Innovation, Systems and Technologies
SP - 285
EP - 292
BT - Advances in Intelligent Information Hiding and Multimedia Signal Processing - Proceeding of the 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, 2016
A2 - Huang, Hsiang-Cheh
A2 - Pan, Jeng-Shyang
A2 - Tsai, Pei-Wei
PB - Springer Science and Business Media Deutschland GmbH
T2 - 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP 2016
Y2 - 21 November 2016 through 23 November 2016
ER -