@inproceedings{e4989e04132e48409747e5b9ebd83447,
title = "Preserving Service Availability Under DDoS Attack in Micro-Service Based Cloud Infrastructure",
abstract = "Distributed denial of service (DDoS) attacks target the availability of the victim's services. DDoS attacks, being resource-consumption attacks, create heavy resource contention. In the state of the art, we found that resource isolation for legitimate users assisted in maintaining service availability even in the presence of DDoS attacks. As the networks are moving towards micro-service architecture, DDoS attack on these architecture can lead to disruption of services. In this work, we implement a micro-service architecture using container based environment. We use the threshold connection and micro-service architecture to preserve service availability under DDoS attack. The threshold connection will check for the active connection of distinct web pages, and micro-service architecture helps in serving those different requests on different containers. We classify those users whose number of requests is greater than the threshold connection as attacker and the rest of them as benign users. Also, we classify the target web page into two categories: high resource consumption web pages and low resource consumption web pages based on their resource consumption. We serve the requests for both pages in different containers. Our experimental results show that even in the presence of a massive DDoS attack, our proposed mechanism is able to preserve the availability of the target service. The proposed methodology leads to failure of only 8 benign requests as compared to 499 under state-of-the-art. It is imperative to emphasize that the proposed technique should not be regarded as a DDoS detection instrument but rather as a supplementary component to an existing detection solutions.",
keywords = "Availability, Cloud security, Containers, Distributed Denial of Service (DDoS), Network security, Security and Protection",
author = "Anmol Kumar and Mayank Agarwal",
note = "Publisher Copyright: {\textcopyright} 2023 IEEE.; 16th International Conference on Security of Information and Networks, SIN 2023 ; Conference date: 20-11-2023 Through 21-11-2023",
year = "2023",
month = jan,
day = "1",
doi = "10.1109/SIN60469.2023.10474720",
language = "English",
series = "16th International Conference on Security of Information and Networks, SIN 2023",
publisher = "Institute of Electrical and Electronics Engineers",
editor = "Bohra, {Manoj Kumar} and Mahesh Jangid and Sandeep Chaurasia and Parvez Faruki and Somya Goyal and Atilla Elci",
booktitle = "16th International Conference on Security of Information and Networks, SIN 2023",
address = "United States",
}