DDoS in Cloud Computing B. Cha
Agenda • DDoS Attacks • DDoS Model in Cloud Computing • Problem Definition • DDoS Solution 1 • DDoS in aspect of Cloud Computing Manager • DDoS Attack • DDoS Target • Detection in aspect of Cloud Computing Manager • Attack Detection • Intrusion Detection
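DDoS Attacks • DDoS Attacks • The most threatening and powerful attack in cloud computing is the DDoS attack • It directly disrupts the availability of cloud computing services or violates the service's SLA • DoS (Denial of Service) • Denial-of-service attacks take a very wide range of forms, from organized attacks that target a nation's or the entire Internet's infrastructure, such as attacks on major websites or DNS, to attacks that target a specific company's site • DDoS (Distributed Denial of Service) • DDoS attacks evolved from DoS attacks • Flooding attacks that generate large volumes of traffic • Connection attacks that demand an excessive number of sessions • Other attacks that exploit application characteristics • DDoS attack detection • IDS/IPS, DDoS response systems, Netflow, ACL, MRTG or RRD, DNS servers, L7 switches (IPS) • DDoS attack blocking • URL blocking, IP blocking, port and protocol blocking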
DDoS Model in Cloud Computing • Assumption • Cloud Computing Environment • Cloud 1, Cloud 2, Manager of Cloud 1, and Malicious Client [Figure labels: Computing Clusters, Manager, Cloud Computing, Malicious Client, Access]
DDoS in aspect of Cloud Computing Manager • DDoS Attack (Scenario 1) • Scanning of used resources and activity (impossible) • Raises privacy problems • Needs advanced technology • Measurement of used resources (Internal Inspectors and External Inspectors) • Needs monitoring and ESM • DDoS Target (Scenario 2) • Resources are divided into networking resources and computing resources • Networking Virtualization and Computing Scaling • Networking Virtualization • Restricted network access • 1st line of resistance • Computing Scaling • Attack tolerance • 2nd line of resistance • Differences of Firewall Merits and Demerits
DDoS in aspect of Cloud Computing Manager • DDoS Scenario 1 & 2 using Cloud Computing [Figure labels: Computing Clusters, External, Internal, Target System 1, Target System 2, DDoS Attack 1, DDoS Attack 2, Manager, Cloud Computing, Attacks, Malicious Client]
Detection in aspect of Cloud Computing Manager • Attack Detection • External Activity Detection • Traffic Monitoring • FrontEnd, Cloud Controller or Cluster Controller • Intrusion Detection • Internal Activity Detection • Used Resources Monitoring • BackEnd, Cluster Controller or Node Controller • Monitoring & ESM • Monitoring Resources • Networking Resources • Computing Resources • Network, System and User Activity • Various monitoring tools in clusters • Need integration/analysis tools for the various monitoring data • Decision system for attack, anomaly, and normal
Detection in aspect of Cloud Computing Manager • DDoS Scenario 1 using Cloud Computing [Figure labels: Computing Clusters, External Inspectors, Internal Inspectors, ESM, External, Internal, Target System, DDoS Attack, Attacks, Cloud Computing, Resources Assignment, Malicious Client]
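Added example (not from the original slides): a minimal decision system that integrates external traffic monitoring and internal used-resource monitoring and returns attack, anomaly, or normal for each view. The metric names, baseline values, thresholds and the median/MAD scoring are assumptions made for illustration.

```python
from statistics import median

# Constructed baseline: per-minute samples collected during a quiet period.
BASELINE = {
    "frontend_rps":    [410, 395, 402, 420, 388, 405, 415, 398],  # traffic at the front end
    "node_cpu_pct":    [22, 25, 21, 24, 23, 26, 22, 24],          # used resources on a node
    "node_egress_pps": [900, 950, 870, 910, 940, 880, 920, 905],  # outbound packets from a node
}

# Hypothetical mapping of metrics to the two monitoring views on the slides:
# external = traffic monitoring, internal = used-resource monitoring.
VIEWS = {
    "external": ["frontend_rps"],
    "internal": ["node_cpu_pct", "node_egress_pps"],
}


def robust_z(history, value):
    """Distance of value above the history median, in scaled-MAD units.

    Median and MAD are used instead of mean and standard deviation so that
    a few outliers in the baseline do not hide a later spike.
    """
    med = median(history)
    mad = median(abs(x - med) for x in history) or 1e-9  # avoid division by zero
    return (value - med) / (1.4826 * mad)


def decide(sample, baseline=BASELINE, warn=4.0, attack=10.0):
    """Classify each view as 'attack', 'anomaly' or 'normal'.

    Only upward deviations count (one-sided test); warn and attack are
    assumed thresholds that would need tuning on real monitoring data.
    """
    verdicts = {}
    for view, metrics in VIEWS.items():
        worst = max(robust_z(baseline[m], sample[m]) for m in metrics)
        if worst >= attack:
            verdicts[view] = "attack"
        elif worst >= warn:
            verdicts[view] = "anomaly"
        else:
            verdicts[view] = "normal"
    return verdicts


# Constructed samples for the two scenarios on the slides.
QUIET = {"frontend_rps": 412, "node_cpu_pct": 24, "node_egress_pps": 930}
SCENARIO_1 = {"frontend_rps": 400, "node_cpu_pct": 95, "node_egress_pps": 60000}
SCENARIO_2 = {"frontend_rps": 9000, "node_cpu_pct": 35, "node_egress_pps": 960}
```

In Scenario 1 only the internal view fires, because the load is generated inside the cloud; in Scenario 2 the external view fires first while the internal view shows only the moderate rise expected when computing scaling absorbs the traffic.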