Comparing Single Tier and Three Tier Infrastructure Designs against DDoS Attacks

With the rise in cyber-attacks on cloud environments like Brute Force, Malware or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task on hand. Organizations design data center and service delivery with the aim of catering to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this paper, traditional data center design is reviewed and compared to the proposed three tier data center. The resilience to withstand against DDoS attacks is measured for Real User Monitoring parameters, compared for the two infrastructure designs and the data is validated using T-Test.

[1]  Huaglory Tianfield,et al.  Evaluation of Experiments on Detecting Distributed Denial of Service (DDoS) Attacks in Eucalyptus Private Cloud , 2012, SOFA.

[2]  L. Schwartz,et al.  Sophisticated Denial of Service attacks aimed at application layer , 2012, 2012 ELEKTRO.

[3]  Kannan Govindarajan,et al.  DDoS defense system for web services in a cloud environment , 2014, Future generations computer systems.

[4]  Moses Garuba,et al.  Analysis of DDoS Attacks and an Introduction of a Hybrid Statistical Model to Detect DDoS Attacks on Cloud Computing Environment , 2015, 2015 12th International Conference on Information Technology - New Generations.

[5]  Aman Bakshi,et al.  Securing Cloud from DDOS Attacks Using Intrusion Detection System in Virtual Machine , 2010, 2010 Second International Conference on Communication Software and Networks.

[6]  Robert Huang,et al.  A DDoS Mitigation System with Multi-stage Detection and Text-Based Turing Testing in Cloud Computing , 2013, 2013 27th International Conference on Advanced Information Networking and Applications Workshops.

[7]  Partha Ghosh,et al.  A Cloud Intrusion Detection System Using Novel PRFCM Clustering and KNN Based Dempster-Shafer Rule , 2016, Int. J. Cloud Appl. Comput..

[8]  Latifa Ben Arfa Rabai,et al.  A Security Framework for Secure Cloud Computing Environments , 2016, Int. J. Cloud Appl. Comput..

[9]  Ruchika Asija,et al.  Healthcare SaaS Based on a Data Model with Built-In Security and Privacy , 2016, Int. J. Cloud Appl. Comput..

[10]  Harkeerat Singh Bedi,et al.  Securing cloud infrastructure against co-resident DoS attacks using game theoretic defense mechanisms , 2012, ICACCI '12.

[11]  Selvakumar Manickam,et al.  Rule-based mechanism to detect Denial of Service (DoS) attacks on Duplicate Address Detection process in IPv6 link local communication , 2015, INFOCOM 2015.

[12]  Robert Birke,et al.  Defeating variability in cloud applications by multi-tier workload redundancy , 2016, 2016 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[13]  Pourya Shamsolmoali,et al.  Statistical-based filtering system against DDOS attacks in cloud computing , 2014, 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[14]  K. Chandrasekaran,et al.  Enhanced Trust Path between Two Entities in Cloud Computing Environment , 2016, Int. J. Cloud Appl. Comput..

[15]  Irfan Gul,et al.  Distributed Cloud Intrusion Detection Model , 2011 .

[16]  Muhammad Zakarya,et al.  DDoS Verification and Attack Packet Dropping Algorithm in Cloud Computing , 2013 .

[17]  Abhinav Bhandari,et al.  Destination Address Entropy based Detection and Traceback Approach against Distributed Denial of Service Attacks , 2015 .

[18]  M.A. Akbar,et al.  A comparative study of anomaly detection algorithms for detection of SIP flooding in IMS , 2008, 2008 2nd International Conference on Internet Multimedia Services Architecture and Applications.

[19]  Xiao-hui Zeng,et al.  Research on an Effective Approach against DDoS Attacks , 2009, 2009 International Conference on Research Challenges in Computer Science.

[20]  Ugrasen Suman,et al.  Analyzing Virtualization Vulnerabilities and Design a Secure Cloud Environment to Prevent from XSS Attack , 2016, Int. J. Cloud Appl. Comput..