Dolus: Cyber Defense using Pretense against DDoS Attacks in Cloud Platforms

@article{Neupane2018DolusCD,
  title={Dolus: Cyber Defense using Pretense against DDoS Attacks in Cloud Platforms},
  author={Roshan Lal Neupane and Travis Neely and Nishant Chettri and Mark Vassell and Yuanxun Zhang and Prasad Calyam and Ramakrishnan Durairajan},
  journal={Proceedings of the 19th International Conference on Distributed Computing and Networking},
  year={2018}
}
Cloud-hosted services are being increasingly used in online businesses in e.g., retail, healthcare, manufacturing, entertainment due to benefits such as scalability and reliability. [...]

Key Method: Using foundations from pretense theory in child play, Dolus takes advantage of elastic capacity provisioning via 'quarantine virtual machines' and SDxI policy co-ordination across multiple network domains to deceive the attacker by creating a false sense of success. From the time gained through pretense initiation…
Cyber Range for Research-Inspired Learning of “Attack Defense by Pretense” Principle and Practice
TLDR
The design, development, and evaluation of the Mizzou Cyber Range is presented, an online platform to learn basic/advanced cyber defense concepts and perform training exercises to engender the next-generation cybersecurity workforce.
Mitigation of cyber threats: Protection mechanisms in federated SDN/NFV infrastructures for 5G within FIRE+
TLDR
The BotsOnFIRE experiment contributes to the wider 5G objective of more secure and resilient networks and services, where botnets are actually one of the most powerful cyber threats capable of orchestrating the remote execution of cyber-attacks.
DefenseChain: Consortium Blockchain for Cyber Threat Intelligence Sharing and Defense
TLDR
The results show that the DefenseChain system overall performs better than state-of-the-art decision making schemes in choosing the most appropriate detector and mitigator peers, and achieves better performance trade-offs in terms of metrics such as detection time, mitigation time and attack reoccurrence rate.
Automated benchmark network diversification for realistic attack simulation with application to moving target defense
TLDR
It is argued that evaluation based on realistic attack simulation is a qualified approach to examine and verify claims of newly proposed defense techniques in order to evaluate the security impact of different defenses, both quantitatively and qualitatively.
Blockchain Expansion to secure Assets with Fog Node on special Duty
TLDR
A new and complete framework with cloud, fog, to secure configuration files with blockchain technology is proposed, which considers the configuration files from SDN or NFV as an asset to secure with blockchain.
A Survey on Machine Learning Applications for Software Defined Network Security
TLDR
This survey presents studies that employ ML techniques in SDN environments for security applications and classify them into ML techniques (used to identify general anomalies or specific attacks) and IDS frameworks for SDN.
Securing and Monitoring of Bandwidth Usage in Multi-Agents Denial of Service Environment
TLDR
A real time system for securing and monitoring the amount of bandwidth consumed on the network using the multi-agent framework technology and may be used as a starting point for the aspect of response in providing a comprehensive solution to DoS attacks.
Attack Simulation for a Realistic Evaluation and Comparison of Network Security Techniques
New network security techniques and strategies, such as Moving Target Defense (MTD), with promising narratives and concepts emerge on a regular basis. From a practical point of view, some of the most…
Secure IT Systems
  • Nils Gruschka
  • Computer Science
  • Lecture Notes in Computer Science
  • 2018
TLDR
This work proposes a privacy-preserving distributed protocol that solves the economic dispatch problem in electricity power grids and analyzes the security of this protocol, and gives experimental results from a prototype implementation to show the feasibility of the protocol.
Trace Driven Traffic Generator for Self-Driving Networks
TLDR
This project serves as the first step in creating a basis for implementing a network capable of running entirely by itself, eliminating the need for a network engineer to constantly scrutinize their network’s stability.

References

SHOWING 1-10 OF 48 REFERENCES
Defense of DDoS attack for cloud computing
TLDR
Experiments show that the defense system, a combination of SBTA and Cloud-filter, is effective in cloud computing: it was able to trace and identify the source of most of the attack messages and to reduce the packets that path reconstruction required.
Procedure for detection of and response to Distributed Denial of Service cyber attacks on complex enterprise systems
The increasing frequency, rising costs, and growing sophistication of cyber attacks on DoD, agency and commercial enterprise systems are dramatically reducing the quality of end-user services and…
Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges
TLDR
This work can help to understand how to make full use of SDN's advantages to defeat DDoS attacks in cloud computing environments and how to prevent SDN itself from becoming a victim of DDoS attacks, which are important for the smooth evolution of SDN-based cloud without the distraction of DDoS attacks.
Frequency-minimal moving target defense using software-defined networking
TLDR
This paper addresses the defense needs by leveraging moving target defense protection within Software-Defined Networking-enabled cloud infrastructure by leveraging frequency minimization and consequent location selection of target movement across heterogeneous virtual machines based on attack probability.
A method of DDoS attack detection using HTTP packet pattern and rule engine in cloud computing environment
TLDR
This study proposes a method of integration between HTTP GET flooding among Distributed Denial-of-Service attacks and MapReduce processing for fast attack detection in a cloud computing environment and experiments show that the proposed method is better than Snort detection because the processing time of the former is shorter with increasing congestion.
Detecting fraudulent use of cloud resources
TLDR
This paper thoroughly describes the FRC attack and discusses why current application-layer DDoS detection schemes are not applicable to a more subtle attack, and proposes three detection metrics that together form the criteria for distinguishing an FRC attack from normal web activity.
Machine Learning for Automatic Defence Against Distributed Denial of Service Attacks
TLDR
The goal of this paper is to explore the effectiveness of machine learning techniques in developing automatic defences against DDoS attacks by developing a data collection and traffic filtering framework and exploring the potential of artificial neural networks in the defence against DDoS attacks.
FRESCO: Modular Composable Security Services for Software-Defined Networks
TLDR
This paper introduces FRESCO, an OpenFlow security application development framework designed to facilitate the rapid design and modular composition of OF-enabled detection and mitigation modules, and demonstrates the utility of FRESCO through the implementation of several well-known security defenses as OpenFlow security services.
SDN-based solutions for Moving Target Defense network protection
TLDR
This paper investigates how SDN can be used in some network-based MTD techniques, and describes the advantages and disadvantages, the potential countermeasures attackers could take to circumvent them, and the overhead of implementing MTD using SDN.
Distributed Denial of Service (DDoS) detection by traffic pattern analysis
TLDR
A behavior-based detection that can discriminate Distributed Denial of Service (DDoS) attack traffic from legitimate traffic, regardless of the various types of attack packets and methods, is proposed.