A confidence-based filtering method for DDoS attack defense in cloud environment

Dou, W; Chen, Q; Chen, J

A confidence-based filtering method for DDoS attack defense in cloud environment

Dou, W Chen, Q Chen, J

Permalink

Publication Type:: Journal Article
Citation:: Future Generation Computer Systems, 2013, 29 (7), pp. 1838 - 1850
Issue Date:: 2013-01-01

Closed Access

	Filename	Description	Size
	2012005097OK.pdf		1.68 MB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Dou, W	en_US
dc.contributor.author	Chen, Q	en_US
dc.contributor.author	Chen, J	en_US
dc.date.issued	2013-01-01	en_US
dc.identifier.citation	Future Generation Computer Systems, 2013, 29 (7), pp. 1838 - 1850	en_US
dc.identifier.issn	0167-739X	en_US
dc.identifier.uri	http://hdl.handle.net/10453/23917
dc.description.abstract	Distributed Denial-of-Service attack (DDoS) is a major threat for cloud environment. Traditional defending approaches cannot be easily applied in cloud security due to their relatively low efficiency, large storage, to name a few. In view of this challenge, a Confidence-Based Filtering method, named CBF, is investigated for cloud computing environment, in this paper. Concretely speaking, the method is deployed by two periods, i.e., non-attack period and attack period. More specially, legitimate packets are collected in the non-attack period, for extracting attribute pairs to generate a nominal profile. With the nominal profile, the CBF method is promoted by calculating the score of a particular packet in the attack period, to determine whether to discard it or not. At last, extensive simulations are conducted to evaluate the feasibility of the CBF method. The result shows that CBF has a high scoring speed, a small storage requirement, and an acceptable filtering accuracy. It specifically satisfies the real-time filtering requirements in cloud environment. © 2012 Elsevier B.V. All rights reserved.	en_US
dc.relation.ispartof	Future Generation Computer Systems	en_US
dc.relation.isbasedon	10.1016/j.future.2012.12.011	en_US
dc.subject.classification	Distributed Computing	en_US
dc.title	A confidence-based filtering method for DDoS attack defense in cloud environment	en_US
dc.type	Journal Article
utslib.citation.volume	7	en_US
utslib.citation.volume	29	en_US
utslib.for	0805 Distributed Computing	en_US
utslib.for	0803 Computer Software	en_US
utslib.for	0806 Information Systems	en_US
pubs.embargo.period	Not known	en_US
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
pubs.organisational-group	/University of Technology Sydney/Strength - GBDTC - Global Big Data Technologies
pubs.organisational-group	/University of Technology Sydney/Strength - INEXT - Innovation in IT Services and Applications
utslib.copyright.status	closed_access
pubs.issue	7	en_US
pubs.publication-status	Published	en_US
pubs.volume	29	en_US

Abstract:

Distributed Denial-of-Service attack (DDoS) is a major threat for cloud environment. Traditional defending approaches cannot be easily applied in cloud security due to their relatively low efficiency, large storage, to name a few. In view of this challenge, a Confidence-Based Filtering method, named CBF, is investigated for cloud computing environment, in this paper. Concretely speaking, the method is deployed by two periods, i.e., non-attack period and attack period. More specially, legitimate packets are collected in the non-attack period, for extracting attribute pairs to generate a nominal profile. With the nominal profile, the CBF method is promoted by calculating the score of a particular packet in the attack period, to determine whether to discard it or not. At last, extensive simulations are conducted to evaluate the feasibility of the CBF method. The result shows that CBF has a high scoring speed, a small storage requirement, and an acceptable filtering accuracy. It specifically satisfies the real-time filtering requirements in cloud environment. © 2012 Elsevier B.V. All rights reserved.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/23917