Vinicius Fulber Garcia, Guilherme de Freitas Gaiardo, L. D. C. Marcuzzo, Raul Ceretta Nunes, Carlos Raniery Paula dos Santos
{"title":"恶魔:DDoS缓解NFV解决方案","authors":"Vinicius Fulber Garcia, Guilherme de Freitas Gaiardo, L. D. C. Marcuzzo, Raul Ceretta Nunes, Carlos Raniery Paula dos Santos","doi":"10.1109/AINA.2018.00115","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) attacks become increasingly sophisticated and massive in traffic volume. These attacks can be mainly classified as IP Spoofing or Real Source IP. In special, Real Source IP attacks are characterized by the use of malware-infected hosts to simulate real network traffic. Those attacks are constantly evolving, new and sophisticated infection methods are always being employed by attackers. To deal with such constant change, the research community is always searching for advanced approaches to mitigate, or even eliminate, those threats. One of these new approaches, is the use of Network Function Virtualization (NFV). This new paradigm supports the creation of more scalable and flexible, thus resilient, network infrastructures. We, therefore, propose a DDoS mitigation system - called DeMONS - that uses NFV concept together both a dynamic allocation and a reputation mechanisms. The results demonstrate that the employed techniques are a feasible solution to reach higher utilization rates.","PeriodicalId":239730,"journal":{"name":"2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA)","volume":"65 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"DeMONS: A DDoS Mitigation NFV Solution\",\"authors\":\"Vinicius Fulber Garcia, Guilherme de Freitas Gaiardo, L. D. C. Marcuzzo, Raul Ceretta Nunes, Carlos Raniery Paula dos Santos\",\"doi\":\"10.1109/AINA.2018.00115\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed Denial of Service (DDoS) attacks become increasingly sophisticated and massive in traffic volume. These attacks can be mainly classified as IP Spoofing or Real Source IP. In special, Real Source IP attacks are characterized by the use of malware-infected hosts to simulate real network traffic. Those attacks are constantly evolving, new and sophisticated infection methods are always being employed by attackers. To deal with such constant change, the research community is always searching for advanced approaches to mitigate, or even eliminate, those threats. One of these new approaches, is the use of Network Function Virtualization (NFV). This new paradigm supports the creation of more scalable and flexible, thus resilient, network infrastructures. We, therefore, propose a DDoS mitigation system - called DeMONS - that uses NFV concept together both a dynamic allocation and a reputation mechanisms. The results demonstrate that the employed techniques are a feasible solution to reach higher utilization rates.\",\"PeriodicalId\":239730,\"journal\":{\"name\":\"2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA)\",\"volume\":\"65 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-05-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/AINA.2018.00115\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AINA.2018.00115","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 9
摘要
DDoS (Distributed Denial of Service,分布式拒绝服务)攻击越来越复杂,攻击流量越来越大。这些攻击主要分为IP Spoofing攻击和Real Source IP攻击。具体来说,真实源IP攻击的特点是利用被恶意软件感染的主机来模拟真实的网络流量。这些攻击是不断发展的,攻击者总是采用新的和复杂的感染方法。为了应对这种不断的变化,研究界一直在寻找先进的方法来减轻甚至消除这些威胁。其中一种新方法是使用网络功能虚拟化(NFV)。这种新范例支持创建更具可扩展性和灵活性的网络基础设施,因此具有弹性。因此,我们提出了一种称为DeMONS的DDoS缓解系统,该系统将NFV概念与动态分配和声誉机制结合在一起。结果表明,所采用的技术是达到较高利用率的可行方案。
Distributed Denial of Service (DDoS) attacks become increasingly sophisticated and massive in traffic volume. These attacks can be mainly classified as IP Spoofing or Real Source IP. In special, Real Source IP attacks are characterized by the use of malware-infected hosts to simulate real network traffic. Those attacks are constantly evolving, new and sophisticated infection methods are always being employed by attackers. To deal with such constant change, the research community is always searching for advanced approaches to mitigate, or even eliminate, those threats. One of these new approaches, is the use of Network Function Virtualization (NFV). This new paradigm supports the creation of more scalable and flexible, thus resilient, network infrastructures. We, therefore, propose a DDoS mitigation system - called DeMONS - that uses NFV concept together both a dynamic allocation and a reputation mechanisms. The results demonstrate that the employed techniques are a feasible solution to reach higher utilization rates.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
