Defending cloud computing environment against the challenge of DDoS attacks based on software defined network

Shuen Chih Tsai; I. Hsien Liu; Chien Tung Lu; Chan Hua Chang; Jung Shian Li

doi:10.1007/978-3-319-50209-0_35

Defending cloud computing environment against the challenge of DDoS attacks based on software defined network

Shuen Chih Tsai, I. Hsien Liu, Chien Tung Lu, Chan Hua Chang, Jung Shian Li

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

23 Citations (Scopus)

Abstract

With the explosive growth of cloud computing, virtualization technology has become more and more mature. However, it also increases the complexity of the network topology and causes many new important issues. One of the important issues is the security problem. It is hard to directly monitor the network traffic between Virtual Machines (VMs) through the external network devices, which make VMs more vulnerable in virtual environments. This research focuses on how to efficiently and rapidly protect VMs from malicious attacks without consuming its resources. We combine virtualization platform with the concept of Defense in Depth based on Software Defined Network (SDN), and implement a real-time detection and defense system for DDoS attacks. Moreover, we propose an enhanced entropy-based DDoS detection method to improve its detection accuracy, and we deploy it in SDN architecture.

Original language	English
Title of host publication	Advances in Intelligent Information Hiding and Multimedia Signal Processing - Proceeding of the 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, 2016
Editors	Hsiang-Cheh Huang, Jeng-Shyang Pan, Pei-Wei Tsai
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	285-292
Number of pages	8
ISBN (Print)	9783319502083
DOIs	https://doi.org/10.1007/978-3-319-50209-0_35
Publication status	Published - 2017
Event	12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP 2016 - Kaohsiung, Taiwan Duration: 2016 Nov 21 → 2016 Nov 23

Publication series

Name	Smart Innovation, Systems and Technologies
Volume	63
ISSN (Print)	2190-3018
ISSN (Electronic)	2190-3026

Other

Other	12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP 2016
Country/Territory	Taiwan
City	Kaohsiung
Period	16-11-21 → 16-11-23

All Science Journal Classification (ASJC) codes

General Decision Sciences
General Computer Science

Access to Document

10.1007/978-3-319-50209-0_35

Cite this

Tsai, S. C., Liu, I. H., Lu, C. T., Chang, C. H., & Li, J. S. (2017). Defending cloud computing environment against the challenge of DDoS attacks based on software defined network. In H.-C. Huang, J.-S. Pan, & P.-W. Tsai (Eds.), Advances in Intelligent Information Hiding and Multimedia Signal Processing - Proceeding of the 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, 2016 (pp. 285-292). (Smart Innovation, Systems and Technologies; Vol. 63). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-319-50209-0_35

Tsai, Shuen Chih ; Liu, I. Hsien ; Lu, Chien Tung et al. / Defending cloud computing environment against the challenge of DDoS attacks based on software defined network. Advances in Intelligent Information Hiding and Multimedia Signal Processing - Proceeding of the 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, 2016. editor / Hsiang-Cheh Huang ; Jeng-Shyang Pan ; Pei-Wei Tsai. Springer Science and Business Media Deutschland GmbH, 2017. pp. 285-292 (Smart Innovation, Systems and Technologies).

@inproceedings{599039a7ff2b4f058a1ac0593b0ec9a4,

title = "Defending cloud computing environment against the challenge of DDoS attacks based on software defined network",

abstract = "With the explosive growth of cloud computing, virtualization technology has become more and more mature. However, it also increases the complexity of the network topology and causes many new important issues. One of the important issues is the security problem. It is hard to directly monitor the network traffic between Virtual Machines (VMs) through the external network devices, which make VMs more vulnerable in virtual environments. This research focuses on how to efficiently and rapidly protect VMs from malicious attacks without consuming its resources. We combine virtualization platform with the concept of Defense in Depth based on Software Defined Network (SDN), and implement a real-time detection and defense system for DDoS attacks. Moreover, we propose an enhanced entropy-based DDoS detection method to improve its detection accuracy, and we deploy it in SDN architecture.",

author = "Tsai, {Shuen Chih} and Liu, {I. Hsien} and Lu, {Chien Tung} and Chang, {Chan Hua} and Li, {Jung Shian}",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG 2017.; 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP 2016 ; Conference date: 21-11-2016 Through 23-11-2016",

year = "2017",

doi = "10.1007/978-3-319-50209-0_35",

language = "English",

isbn = "9783319502083",

series = "Smart Innovation, Systems and Technologies",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "285--292",

editor = "Hsiang-Cheh Huang and Jeng-Shyang Pan and Pei-Wei Tsai",

booktitle = "Advances in Intelligent Information Hiding and Multimedia Signal Processing - Proceeding of the 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, 2016",

address = "Germany",

}

Tsai, SC, Liu, IH, Lu, CT, Chang, CH & Li, JS 2017, Defending cloud computing environment against the challenge of DDoS attacks based on software defined network. in H-C Huang, J-S Pan & P-W Tsai (eds), Advances in Intelligent Information Hiding and Multimedia Signal Processing - Proceeding of the 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, 2016. Smart Innovation, Systems and Technologies, vol. 63, Springer Science and Business Media Deutschland GmbH, pp. 285-292, 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP 2016, Kaohsiung, Taiwan, 16-11-21. https://doi.org/10.1007/978-3-319-50209-0_35

Defending cloud computing environment against the challenge of DDoS attacks based on software defined network. / Tsai, Shuen Chih; Liu, I. Hsien; Lu, Chien Tung et al.
Advances in Intelligent Information Hiding and Multimedia Signal Processing - Proceeding of the 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, 2016. ed. / Hsiang-Cheh Huang; Jeng-Shyang Pan; Pei-Wei Tsai. Springer Science and Business Media Deutschland GmbH, 2017. p. 285-292 (Smart Innovation, Systems and Technologies; Vol. 63).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Defending cloud computing environment against the challenge of DDoS attacks based on software defined network

AU - Tsai, Shuen Chih

AU - Liu, I. Hsien

AU - Lu, Chien Tung

AU - Chang, Chan Hua

AU - Li, Jung Shian

N1 - Publisher Copyright: © Springer International Publishing AG 2017.

PY - 2017

Y1 - 2017

N2 - With the explosive growth of cloud computing, virtualization technology has become more and more mature. However, it also increases the complexity of the network topology and causes many new important issues. One of the important issues is the security problem. It is hard to directly monitor the network traffic between Virtual Machines (VMs) through the external network devices, which make VMs more vulnerable in virtual environments. This research focuses on how to efficiently and rapidly protect VMs from malicious attacks without consuming its resources. We combine virtualization platform with the concept of Defense in Depth based on Software Defined Network (SDN), and implement a real-time detection and defense system for DDoS attacks. Moreover, we propose an enhanced entropy-based DDoS detection method to improve its detection accuracy, and we deploy it in SDN architecture.

AB - With the explosive growth of cloud computing, virtualization technology has become more and more mature. However, it also increases the complexity of the network topology and causes many new important issues. One of the important issues is the security problem. It is hard to directly monitor the network traffic between Virtual Machines (VMs) through the external network devices, which make VMs more vulnerable in virtual environments. This research focuses on how to efficiently and rapidly protect VMs from malicious attacks without consuming its resources. We combine virtualization platform with the concept of Defense in Depth based on Software Defined Network (SDN), and implement a real-time detection and defense system for DDoS attacks. Moreover, we propose an enhanced entropy-based DDoS detection method to improve its detection accuracy, and we deploy it in SDN architecture.

UR - http://www.scopus.com/inward/record.url?scp=85005959773&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85005959773&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-50209-0_35

DO - 10.1007/978-3-319-50209-0_35

M3 - Conference contribution

AN - SCOPUS:85005959773

SN - 9783319502083

T3 - Smart Innovation, Systems and Technologies

SP - 285

EP - 292

BT - Advances in Intelligent Information Hiding and Multimedia Signal Processing - Proceeding of the 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, 2016

A2 - Huang, Hsiang-Cheh

A2 - Pan, Jeng-Shyang

A2 - Tsai, Pei-Wei

PB - Springer Science and Business Media Deutschland GmbH

T2 - 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP 2016

Y2 - 21 November 2016 through 23 November 2016

ER -

Tsai SC, Liu IH, Lu CT, Chang CH, Li JS. Defending cloud computing environment against the challenge of DDoS attacks based on software defined network. In Huang HC, Pan JS, Tsai PW, editors, Advances in Intelligent Information Hiding and Multimedia Signal Processing - Proceeding of the 12th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, 2016. Springer Science and Business Media Deutschland GmbH. 2017. p. 285-292. (Smart Innovation, Systems and Technologies). doi: 10.1007/978-3-319-50209-0_35

Defending cloud computing environment against the challenge of DDoS attacks based on software defined network

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this