DDoS Mitigation and Intrusion Prevention in Content Delivery Networks using Distributed Virtual Honeypots

Content Delivery Networks(CDN) is a standout amongst the most encouraging innovations that upgrade performance for its clients’ websites by diverting web demands from browsers to topographically dispersed CDN surrogate nodes. However, due to the variable nature of CDN, it suffers from various security and resource allocation issues. The most common attack which is used to bring down a whole network as well as CDN without even finding a loophole in the security is DDoS. In this proposal, we proposed a distributed virtual honeypot model for diminishing DDoS attacks and prevent intrusion in securing CDN. Honeypots are specially utilized to imitate the primary server with the goal that the attack is alleviated to the fake rather than the main server. Our proposed layer based model utilizes honeypot to be more effective reducing the cost of the system as well as maintaining the smooth delivery in geographically dispersed servers without performance degradation.

[1]  Kijoon Chae,et al.  Multi-defense Mechanism against DDoS in SDN Based CDNi , 2014, 2014 Eighth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.

[2]  Rami G. Melhem,et al.  Roaming honeypots for mitigating service-level denial-of-service attacks , 2004, 24th International Conference on Distributed Computing Systems, 2004. Proceedings..

[3]  Ritu Tiwari,et al.  Design and Analysis of Distributed Honeypot System , 2012 .

[4]  N. Garg,et al.  Deception in Honeynets: A Game-Theoretic Analysis , 2007, 2007 IEEE SMC Information Assurance and Security Workshop.

[5]  Abdulmalik Ahmad Lawan,et al.  Towards Improving the Security of Low-Interaction Honeypots: Insights from a Comparative Analysis , 2016 .

[6]  Hongbo Zhu,et al.  Deceptive Attack and Defense Game in Honeypot-Enabled Networks for the Internet of Things , 2016, IEEE Internet of Things Journal.

[7]  Daniel Jeswin Nallathambi,et al.  Use of honeypots for mitigating DoS attacks targeted on IoT networks , 2017, 2017 International Conference on Computer, Communication and Signal Processing (ICCCSP).

[8]  Irwan Sembiring Implementation of honeypot to detect and prevent distributed denial of service attack , 2016, 2016 3rd International Conference on Information Technology, Computer, and Electrical Engineering (ICITACEE).

[9]  Dheerendra Singh,et al.  Comparison of network security tools- Firewall, Intrusion Detection System and Honeypot , 2014 .

[10]  Hrishikesh Deshpande HoneyMesh: Preventing Distributed Denial of Service Attacks using Virtualized Honeypots , 2015, ArXiv.

[11]  Yun Yang,et al.  Design of distributed honeypot system based on intrusion tracking , 2011, 2011 IEEE 3rd International Conference on Communication Software and Networks.

[12]  Vinu V Das,et al.  Honeypot Scheme for Distributed Denial-of-Service Attack , 2009 .

[13]  C. Douligeris,et al.  DDoS attacks and defense mechanisms: a classification , 2003, Proceedings of the 3rd IEEE International Symposium on Signal Processing and Information Technology (IEEE Cat. No.03EX795).

[14]  R. Manicka Chezian,et al.  An extension of intrusion prevention, detection and response system for secure content delivery networks , 2016, 2016 IEEE International Conference on Advances in Computer Applications (ICACA).