NIMBUS: cloud-scale attack detection and mitigation
暂无分享,去创建一个
Cloud services become an attractive target of attacks o Large-scale: 100s of Gbps o Diverse types: network-layer & application layer o Fast ramp-up rate: within a few minutes Existing approaches o Commercial hardware boxes (e.g. Firewall, IDS, DDoS-protection appliance) • Low Capacity: cannot accommodate attack volume • High Cost: Unfavorable cost vs. capacity tradeoffs • Inflexible: lack of programmability o Commercial attack prevention services (e.g. CloudFlare, Prolexic) • Risk of privacy and confidential leakage Attack-Detection-as-a-Service
[1] Aditya Akella,et al. OpenNF , 2014, SIGCOMM.
[2] Abhishek Kumar,et al. Sketch Guided Sampling - Using On-Line Estimates of Flow Size for Adaptive Data Collection , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.
[3] Nick Feamster,et al. Fast monitoring of traffic subpopulations , 2008, IMC '08.