Paper Info
Title
Scalable Bandwidth Allocation Based on Domain Attributes: Towards a DDoS-Resistant Data Center.
Abstract
As the flourishing of cloud services, data centers are widely invested and deployed. However, facing the hazard of Distributed Denial of Service (DDoS) attacks, legitimate users' bandwidth access to a data center is not yet a guarantee. In response, capability-based DDoS defenses provide a promising countermeasure, especially when leveraging Autonomous System (AS) as a geographic constraint to throttle attacking flows. Unfortunately, previous schemes essentially involve a source-AS fair sharing strategy, which is too coarse-grained to provide fairness among heterogeneous AS entities. This paper proposes D4, a capability-based data center protection with state-defined allocating granularity. We differentiate the states of stub ASes through diverse aspects of domain attributes. D4 enables fair bandwidth allocation among source domains and scalable data center access for users. Our scheme is integrated with Border Gateway Protocol and can be practically deployed by Internet data centers. We illustrate the effectiveness of D4 via experiments under different scenarios and comparative simulations with closely related schemes.
Year
Venue
Keywords
2017
IEEE Global Communications Conference
Cloud computing,data center,distributed denial of service defense,capability-based schemes,domain attribute
Field
DocType
ISSN
Denial-of-service attack,Computer science,Bandwidth allocation,Computer network,Border Gateway Protocol,Channel allocation schemes,Data center,Scalability,Cloud computing,The Internet
Conference
2334-0983
Citations 
PageRank 
References 
0
0.34
0
Authors
5
Name
Order
Citations
PageRank
Yao Zhang16631.44
Lijia Xie200.68
Dong Zhang311.03
Gang Liu49329.33
Zhaocheng Wang52359147.30