Paper Info
Title
Minimizing Financial Cost of DDoS Attack Defense in Clouds With Fine-Grained Resource Management
Abstract
As the cloud systems gain in popularity, they suffer from cyber attacks. One of the most notorious cyber attacks is Distributed Denial of Service (DDoS) attack, which aims to drain the system resources so that the system becomes unresponsive to the genuine users. DDoS attack and defense essentially revolve around resource competition. Many efforts have been made from the perspective of resource investment and management. However, these defending schemes assume that the resources available to defend the attacks are unlimited without taking the financial cost into account. Such coarse-grained defense strategies could cause the problem of resource overprovisioning, which would incur unwanted extra costs to the defender. To tackle this issue, we systematically investigate the problem and propose a birth-death-based fine-grained resource management mechanism, which can both scale in/out and scale down/up. That is, the proposed mechanism adaptively selects the optimal resource leasing mode for cloud service customers so that they can defeat the DDoS attack with minimal financial cost. Extensive analyses and empirical data-based experiments are conducted. The results show both the effectiveness and efficiency of the proposed approach. Comparing to existing work, our proposal can averagely save 53.58% (up to 93.75%) of the cost for the attack defense.
Year
DOI
Venue
2020
10.1109/TNSE.2020.2981449
IEEE Transactions on Network Science and Engineering
Keywords
DocType
Volume
DDoS attacks,cloud security,resource management
Journal
7
Issue
ISSN
Citations 
4
2327-4697
2
PageRank 
References 
Authors
0.37
0
8
Name
Order
Citations
PageRank
Bin Yuan1125.25
Huan Zhao24516.00
Chen Lin321.38
Deqing Zou456777.42
Laurence T. Yang56870682.61
Hai Jin66544644.63
Ligang He754256.73
Shui Yu82365208.84