1,266 research outputs found
Detailed Review on The Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks in Software Defined Networks (SDNs) and Defense Strategies
The development of Software Defined Networking (SDN) has altered the landscape of computer networking in recent years. Its scalable architecture has become a blueprint for the design of several advanced future networks. To achieve improve and efficient monitoring, control and management capabilities of the network, software defined networks differentiate or decouple the control logic from the data forwarding plane. As a result, logical control is centralized solely in the controller. Due to the centralized nature, SDNs are exposed to several vulnerabilities such as Spoofing, Flooding, and primarily Denial of Service (DoS) and Distributed Denial of Service (DDoS) among other attacks. In effect, the performance of SDN degrades based on these attacks. This paper presents a comprehensive review of several DoS and DDoS defense/mitigation strategies and classifies them into distinct classes with regards to the methodologies employed. Furthermore, suggestions were made to enhance current mitigation strategies accordingly
A novel algorithm for software defined networks model to enhance the quality of services and scalability in wireless network
Software defined networks (SDN) have replaced the traditional network architecture by separating the control from forwarding planes. SDN technology utilizes computer resources to provide worldwide effective service than the aggregation of single internet resources usage. Breakdown while resource allocation is a major concern in cloud computing due to the diverse and highly complex architecture of resources. These resources breakdowns cause delays in job completion and have a negative influence on attaining quality of service (QoS). In order to promote error-free task scheduling, this study represents a promising fault-tolerance scheduling technique. For optimum QoS, the suggested restricted Boltzmann machine (RBM) approach takes into account the most important characteristics like current consumption of the resources and rate of failure. The proposed approach's efficiency is verified using the MATLAB toolbox by employing widely used measures such as resource consumption, average processing time, throughput and rate of success
Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era
The Internet of Things (IoT) is rapidly changing our society to a world where
every "thing" is connected to the Internet, making computing pervasive like
never before. This tsunami of connectivity and data collection relies more and
more on the Cloud, where data analytics and intelligence actually reside. Cloud
computing has indeed revolutionized the way computational resources and
services can be used and accessed, implementing the concept of utility
computing whose advantages are undeniable for every business. However, despite
the benefits in terms of flexibility, economic savings, and support of new
services, its widespread adoption is hindered by the security issues arising
with its usage. From a security perspective, the technological revolution
introduced by IoT and Cloud computing can represent a disaster, as each object
might become inherently remotely hackable and, as a consequence, controllable
by malicious actors. While the literature mostly focuses on security of IoT and
Cloud computing as separate entities, in this article we provide an up-to-date
and well-structured survey of the security issues of Cloud computing in the IoT
era. We give a clear picture of where security issues occur and what their
potential impact is. As a result, we claim that it is not enough to secure IoT
devices, as cyber-storms come from Clouds
Next Generation Cloud Computing: New Trends and Research Directions
The landscape of cloud computing has significantly changed over the last
decade. Not only have more providers and service offerings crowded the space,
but also cloud infrastructure that was traditionally limited to single provider
data centers is now evolving. In this paper, we firstly discuss the changing
cloud infrastructure and consider the use of infrastructure from multiple
providers and the benefit of decentralising computing away from data centers.
These trends have resulted in the need for a variety of new computing
architectures that will be offered by future cloud infrastructure. These
architectures are anticipated to impact areas, such as connecting people and
devices, data-intensive computing, the service space and self-learning systems.
Finally, we lay out a roadmap of challenges that will need to be addressed for
realising the potential of next generation cloud systems.Comment: Accepted to Future Generation Computer Systems, 07 September 201
A survey of denial-of-service and distributed denial of service attacks and defenses in cloud computing
Cloud Computing is a computingmodel that allows ubiquitous, convenient and on-demand
access to a shared pool of highly configurable resources (e.g., networks, servers, storage, applications
and services). Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks are serious
threats to the Cloud services’ availability due to numerous new vulnerabilities introduced by the
nature of the Cloud, such as multi-tenancy and resource sharing. In this paper, new types of DoS and
DDoS attacks in Cloud Computing are explored, especially the XML-DoS and HTTP-DoS attacks,
and some possible detection and mitigation techniques are examined. This survey also provides
an overview of the existing defense solutions and investigates the experiments and metrics that are
usually designed and used to evaluate their performance, which is helpful for the future research in
the domain
Encountering distributed denial of service attack utilizing federated software defined network
This research defines the distributed denial of service (DDoS) problem in software-defined-networks (SDN) environments. The proposes solution uses Software defined networks capabilities to reduce risk, introduces a collaborative, distributed defense mechanism rather than server-side filtration. Our proposed network detection and prevention agent (NDPA) algorithm negotiates the maximum amount of traffic allowed to be passed to server by reconfiguring network switches and routers to reduce the ports' throughput of the network devices by the specified limit ratio. When the passed traffic is back to normal, NDPA starts network recovery to normal throughput levels, increasing ports' throughput by adding back the limit ratio gradually each time cycle. The simulation results showed that the proposed algorithms successfully detected and prevented a DDoS attack from overwhelming the targeted server. The server was able to coordinate its operations with the SDN controllers through a communication mechanism created specifically for this purpose. The system was also able to determine when the attack was over and utilize traffic engineering to improve the quality of service (QoS). The solution was designed with a sophisticated way and high level of separation of duties between components so it would not be affected by the design aspect of the network architecture
- …