Software-based computing platform as an experimental topology assembled to detect and mitigate DDoS attacks using virtual environments

Abstract

A software-based computing platform has been constructed as an experimental topology with the goal to detect and mitigate DDoS using a Virtual Network Environment. This research comprises the automatic management of three main approaches, being firstly the deployment of a virtual infrastructure for experimentation, secondly the configuration of the detection and mitigation of DDoS attacks and finally the analytical tools to corroborate with introduced countermeasures. In order to accomplish these purposes, we have designed and constructed an experimental topology based on virtual networks, which injects and mitigates DDoS attacks. Simultaneously, we designed and developed a software application to manage automatically the deployment of the experimental topology and the configuration of the detection and mitigation of DDoS attacks. To guarantee the reliability of the outcome, we configured a rule-based detection mechanism for Linux through the optimization of an algorithm that resolves anomalies in firewalls rules. The results demonstrate quantitatively the efficiency of this proposal.