scholarly journals Three Tier Network Architecture to Mitigate DDoS Attacks on Hybrid Cloud Environments

2016 ◽  
Author(s):  
Akashdeep Bhardwaj ◽  
G. V. B. Subrahmanyam ◽  
Vinay Avasthi ◽  
Hanumat Sastry
Keyword(s):  
Network Architecture ◽  
Hybrid Cloud ◽  
Ddos Attacks ◽  
Cloud Environments

Algorithm for Secure Hybrid Cloud Design Against DDoS Attacks

2018 ◽  
Vol 13 (4) ◽  
pp. 61-77 ◽  
Author(s):  
Akashdeep Bhardwaj ◽  
Sam Goundar
Keyword(s):  
Service Industry ◽  
Denial Of Service ◽  
Hybrid Cloud ◽  
Ddos Attacks ◽  
Cloud Infrastructure ◽  
Dos Attacks ◽  
Cloud Application ◽  
Government Education ◽  
Cloud Environments ◽  
Cloud Applications

This article describes how cloud computing has become a significant IT infrastructure in business, government, education, research, and service industry domains. Security of cloud-based applications, especially for those applications with constant inbound and outbound user traffic is important. It becomes of the utmost importance to secure the data flowing between the cloud application and user systems against cyber criminals who launch Denial of Service (DoS) attacks. Existing research related to cloud security focuses on securing the flow of information on servers or between networks but there is a lack of research to mitigate Distributed Denial of Service attacks on cloud environments as presented by Buyya et al. and Fachkha, et al. In this article, the authors propose an algorithm and a Hybrid Cloud-based Secure Architecture to mitigate DDoS attacks. By proposing a three-tier cloud infrastructure with a two-tier defense system for separate Network and Application layers, the authors show that DDoS attacks can be detected and blocked before reaching the infrastructure hosting the Cloud applications.

Comparing Single Tier and Three Tier Infrastructure Designs against DDoS Attacks

2017 ◽  
Vol 7 (3) ◽  
pp. 59-75 ◽  
Author(s):  
Akashdeep Bhardwaj ◽  
Sam Goundar
Keyword(s):  
Data Center ◽  
Denial Of Service ◽  
Cyber Attacks ◽  
Cyber Attack ◽  
Ddos Attacks ◽  
Design Data ◽  
Application Performance ◽  
Server Virtualization ◽  
Security Officers ◽  
Cloud Environments

With the rise in cyber-attacks on cloud environments like Brute Force, Malware or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task on hand. Organizations design data center and service delivery with the aim of catering to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this paper, traditional data center design is reviewed and compared to the proposed three tier data center. The resilience to withstand against DDoS attacks is measured for Real User Monitoring parameters, compared for the two infrastructure designs and the data is validated using T-Test.

An API for Development of User-Defined Scheduling Algorithms in Aneka PaaS Cloud Software

2019 ◽  
pp. 170-187 ◽  
Author(s):  
Rajinder Sandhu ◽  
Adel Nadjaran Toosi ◽  
Rajkumar Buyya
Keyword(s):  
Cloud Computing ◽  
Real Time ◽  
Scheduling Algorithms ◽  
Research Area ◽  
Programming Models ◽  
Hybrid Cloud ◽  
Main Research ◽  
Cloud Application ◽  
Cloud Environments ◽  
Cloud Infrastructures

Cloud computing provides resources using multitenant architecture where infrastructure is created from one or more distributed datacenters. Scheduling of applications in cloud infrastructures is one of the main research area in cloud computing. Researchers have developed many scheduling algorithms and evaluated them using simulators such as CloudSim. Their performance needs to be validated in real-time cloud environments to improve their usefulness. Aneka is one of the prominent PaaS software which allows users to develop cloud application using various programming models and underline infrastructure. This chapter presents a scheduling API developed for the Aneka software platform. Users can develop their own scheduling algorithms using this API and integrate it with Aneka to test their scheduling algorithms in real cloud environments. The proposed API provides all the required functionalities to integrate and schedule private, public, or hybrid cloud with the Aneka software.

Comparing Single Tier and Three Tier Infrastructure Designs against DDoS Attacks

2021 ◽  
pp. 541-558
Author(s):  
Akashdeep Bhardwaj ◽  
Sam Goundar
Keyword(s):  
Data Center ◽  
Denial Of Service ◽  
Cyber Attacks ◽  
Cyber Attack ◽  
Ddos Attacks ◽  
Design Data ◽  
Application Performance ◽  
Server Virtualization ◽  
Security Officers ◽  
Cloud Environments

With the rise in cyber-attacks on cloud environments like Brute Force, Malware or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task on hand. Organizations design data center and service delivery with the aim of catering to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this paper, traditional data center design is reviewed and compared to the proposed three tier data center. The resilience to withstand against DDoS attacks is measured for Real User Monitoring parameters, compared for the two infrastructure designs and the data is validated using T-Test.

Network Security Policy Automation

2022 ◽  
pp. 83-112
Author(s):  
Myo Zarny ◽  
Meng Xu ◽  
Yi Sun
Keyword(s):  
Artificial Intelligence ◽  
Machine Learning ◽  
Big Data ◽  
Network Security ◽  
Security Policy ◽  
Learning Technologies ◽  
Use Cases ◽  
Hybrid Cloud ◽  
Cloud Environments ◽  
Enterprise Security

Network security policy automation enables enterprise security teams to keep pace with increasingly dynamic changes in on-premises and public/hybrid cloud environments. This chapter discusses the most common use cases for policy automation in the enterprise, and new automation methodologies to address them by taking the reader step-by-step through sample use cases. It also looks into how emerging automation solutions are using big data, artificial intelligence, and machine learning technologies to further accelerate network security policy automation and improve application and network security in the process.

scholarly journals Mitigation of DDoS attack instigated by compromised switches on SDN controller by analyzing the flow rule request traffic

2018 ◽  
Vol 7 (2.6) ◽  
pp. 46 ◽  
Author(s):  
Sanjeetha R ◽  
Shikhar Srivastava ◽  
Rishab Pokharna ◽  
Syed Shafiq ◽  
Dr Anita Kanavalli
Keyword(s):  
Network Architecture ◽  
Flow Rule ◽  
Software Defined Network ◽  
Ddos Attacks ◽  
Control Plane ◽  
Ddos Attack ◽  
Flow Table ◽  
Data Plane ◽  
Ddos Detection ◽  
Sdn Controller

Software Defined Network (SDN) is a new network architecture which separates the data plane from the control plane. The SDN controller implements the control plane and switches implement the data plane. Many papers discuss about DDoS attacks on primary servers present in SDN and how they can be mitigated with the help of controller. In our paper we show how DDoS attack can be instigated on the SDN controller by manipulating the flow table entries of switches, such that they send continuous requests to the controller and exhaust its resources. This is a new, but one of the possible way in which a DDoS attack can be performed on controller. We show the vulnerability of SDN for this kind of attack. We further propose a solution for mitigating it, by running a DDoS Detection module which uses variation of flow entry request traffic from all switches in the network to identify compromised switches and blocks them completely.

scholarly journals A Novel Technique for Trust Delivery in the Cloud

2013 ◽  
Vol 11 (2) ◽  
pp. 2226-2230
Author(s):  
Yeluri Lakshmi Prasanna ◽  
Dr.E.Madhusudhana Reddy ◽  
S Neelima
Keyword(s):  
Key Management ◽  
Research Paper ◽  
Hybrid Cloud ◽  
Infrastructure As A Service ◽  
Platform As A Service ◽  
Critical Data ◽  
Novel Technique ◽  
Cloud Providers ◽  
Cloud Environments

For many organizations, keeping data private and secure has also become a compliance requirement. Cloud providers offering Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) offer a “shared responsibility” model for customer applications and data, so companies that are migrating to the cloud are responsible for finding a solution. This research paper proposes a system, which combines encryption with key management to protect critical data in public, private and hybrid cloud environments.

Sign in / Sign up

Export Citation Format

Share Document