A sliding window based monitoring scheme to detect and prevent ddos attack in data center networks in a dynamic traffic environment

Mirza Mohd Shahriar Maswood, Md Mainul Islam Mamun, Dijiang Huang, Deep Medhi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Distributed Denial of Service (DDoS) attack is the most common type of attack faced by today's data centers (DC). Such attacks can have a devastating impact on the system as it consumes resources like network bandwidth, hard disk storage, and CPU processing resources. As a consequence, the legitimate customers face more service blocking due to a major portion of the resources being occupied by the illegitimate traffic generated by the attackers. In this paper, we proposed a novel monitoring scheme based on the sliding window to detect and prevent the DDoS attack in DCs that serve enterprise customers that has low computational complexity. Compared to a benchmark scheme (without attack monitoring and preventing), our scheme ensures service provisioning for the legitimate customers with no false alarm. We also measure the robustness of our scheme in terms of the time taken to detect and prevent attack traffic by varying the traffic intensities of illegitimate traffic. Simulation results show that our scheme can successfully detect the attack even if the attack traffic intensity is not too much higher than the projected legitimate traffic intensity.

Original languageEnglish (US)
Title of host publication2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781538661543
DOIs
StatePublished - May 22 2019
Event39th IEEE Sarnoff Symposium, Sarnoff 2018 - Newark, United States
Duration: Sep 24 2018Sep 25 2018

Publication series

Name2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018

Conference

Conference39th IEEE Sarnoff Symposium, Sarnoff 2018
CountryUnited States
CityNewark
Period9/24/189/25/18

Fingerprint

Telecommunication traffic
Monitoring
Hard disk storage
Program processors
Computational complexity
Bandwidth
Processing
Industry
Denial-of-service attack
Attack
Sliding window
Data center
Resources

Keywords

  • Data Center Networks
  • Distributed Denial of Service Attack
  • Dynamic Traffic Engineering
  • Service Blocking

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality

Cite this

Maswood, M. M. S., Mamun, M. M. I., Huang, D., & Medhi, D. (2019). A sliding window based monitoring scheme to detect and prevent ddos attack in data center networks in a dynamic traffic environment. In 2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018 [8720399] (2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SARNOF.2018.8720399

A sliding window based monitoring scheme to detect and prevent ddos attack in data center networks in a dynamic traffic environment. / Maswood, Mirza Mohd Shahriar; Mamun, Md Mainul Islam; Huang, Dijiang; Medhi, Deep.

2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018. Institute of Electrical and Electronics Engineers Inc., 2019. 8720399 (2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Maswood, MMS, Mamun, MMI, Huang, D & Medhi, D 2019, A sliding window based monitoring scheme to detect and prevent ddos attack in data center networks in a dynamic traffic environment. in 2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018., 8720399, 2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018, Institute of Electrical and Electronics Engineers Inc., 39th IEEE Sarnoff Symposium, Sarnoff 2018, Newark, United States, 9/24/18. https://doi.org/10.1109/SARNOF.2018.8720399
Maswood MMS, Mamun MMI, Huang D, Medhi D. A sliding window based monitoring scheme to detect and prevent ddos attack in data center networks in a dynamic traffic environment. In 2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018. Institute of Electrical and Electronics Engineers Inc. 2019. 8720399. (2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018). https://doi.org/10.1109/SARNOF.2018.8720399
Maswood, Mirza Mohd Shahriar ; Mamun, Md Mainul Islam ; Huang, Dijiang ; Medhi, Deep. / A sliding window based monitoring scheme to detect and prevent ddos attack in data center networks in a dynamic traffic environment. 2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018. Institute of Electrical and Electronics Engineers Inc., 2019. (2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018).
@inproceedings{6b9969ee4d174d7885160b2f3c2868e5,
title = "A sliding window based monitoring scheme to detect and prevent ddos attack in data center networks in a dynamic traffic environment",
abstract = "Distributed Denial of Service (DDoS) attack is the most common type of attack faced by today's data centers (DC). Such attacks can have a devastating impact on the system as it consumes resources like network bandwidth, hard disk storage, and CPU processing resources. As a consequence, the legitimate customers face more service blocking due to a major portion of the resources being occupied by the illegitimate traffic generated by the attackers. In this paper, we proposed a novel monitoring scheme based on the sliding window to detect and prevent the DDoS attack in DCs that serve enterprise customers that has low computational complexity. Compared to a benchmark scheme (without attack monitoring and preventing), our scheme ensures service provisioning for the legitimate customers with no false alarm. We also measure the robustness of our scheme in terms of the time taken to detect and prevent attack traffic by varying the traffic intensities of illegitimate traffic. Simulation results show that our scheme can successfully detect the attack even if the attack traffic intensity is not too much higher than the projected legitimate traffic intensity.",
keywords = "Data Center Networks, Distributed Denial of Service Attack, Dynamic Traffic Engineering, Service Blocking",
author = "Maswood, {Mirza Mohd Shahriar} and Mamun, {Md Mainul Islam} and Dijiang Huang and Deep Medhi",
year = "2019",
month = "5",
day = "22",
doi = "10.1109/SARNOF.2018.8720399",
language = "English (US)",
series = "2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
booktitle = "2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018",

}

TY - GEN

T1 - A sliding window based monitoring scheme to detect and prevent ddos attack in data center networks in a dynamic traffic environment

AU - Maswood, Mirza Mohd Shahriar

AU - Mamun, Md Mainul Islam

AU - Huang, Dijiang

AU - Medhi, Deep

PY - 2019/5/22

Y1 - 2019/5/22

N2 - Distributed Denial of Service (DDoS) attack is the most common type of attack faced by today's data centers (DC). Such attacks can have a devastating impact on the system as it consumes resources like network bandwidth, hard disk storage, and CPU processing resources. As a consequence, the legitimate customers face more service blocking due to a major portion of the resources being occupied by the illegitimate traffic generated by the attackers. In this paper, we proposed a novel monitoring scheme based on the sliding window to detect and prevent the DDoS attack in DCs that serve enterprise customers that has low computational complexity. Compared to a benchmark scheme (without attack monitoring and preventing), our scheme ensures service provisioning for the legitimate customers with no false alarm. We also measure the robustness of our scheme in terms of the time taken to detect and prevent attack traffic by varying the traffic intensities of illegitimate traffic. Simulation results show that our scheme can successfully detect the attack even if the attack traffic intensity is not too much higher than the projected legitimate traffic intensity.

AB - Distributed Denial of Service (DDoS) attack is the most common type of attack faced by today's data centers (DC). Such attacks can have a devastating impact on the system as it consumes resources like network bandwidth, hard disk storage, and CPU processing resources. As a consequence, the legitimate customers face more service blocking due to a major portion of the resources being occupied by the illegitimate traffic generated by the attackers. In this paper, we proposed a novel monitoring scheme based on the sliding window to detect and prevent the DDoS attack in DCs that serve enterprise customers that has low computational complexity. Compared to a benchmark scheme (without attack monitoring and preventing), our scheme ensures service provisioning for the legitimate customers with no false alarm. We also measure the robustness of our scheme in terms of the time taken to detect and prevent attack traffic by varying the traffic intensities of illegitimate traffic. Simulation results show that our scheme can successfully detect the attack even if the attack traffic intensity is not too much higher than the projected legitimate traffic intensity.

KW - Data Center Networks

KW - Distributed Denial of Service Attack

KW - Dynamic Traffic Engineering

KW - Service Blocking

UR - http://www.scopus.com/inward/record.url?scp=85067109539&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85067109539&partnerID=8YFLogxK

U2 - 10.1109/SARNOF.2018.8720399

DO - 10.1109/SARNOF.2018.8720399

M3 - Conference contribution

AN - SCOPUS:85067109539

T3 - 2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018

BT - 2018 IEEE 39th Sarnoff Symposium, Sarnoff 2018

PB - Institute of Electrical and Electronics Engineers Inc.

ER -