ACM Transactions on Computer Systems (TOCS)
Sustaining Availability of Web Services under Distributed Denial of Service Attacks
IEEE Transactions on Computers
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
Incentive-based modeling and inference of attacker intent, objectives, and strategies
ACM Transactions on Information and System Security (TISSEC)
Mayday: distributed filtering for internet services
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
Network Virtualization: Breaking the Performance Barrier
Queue - Virtualization
To filter or to authorize: network-layer DoS defense against multimillion-node botnets
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
A Survey of Game Theory as Applied to Network Security
HICSS '10 Proceedings of the 2010 43rd Hawaii International Conference on System Sciences
The impact of virtualization on network performance of amazon EC2 data center
INFOCOM'10 Proceedings of the 29th conference on Information communications
NetFence: preventing internet denial of service from inside out
Proceedings of the ACM SIGCOMM 2010 conference
Secure cloud computing with a virtualized network infrastructure
HotCloud'10 Proceedings of the 2nd USENIX conference on Hot topics in cloud computing
On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks
SpringSim '10 Proceedings of the 2010 Spring Simulation Multiconference
A survey on game theory applications in wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
Evolution in cloud services and infrastructure has been constantly reshaping the way we conduct business and provide services in our day to day lives. Tools and technologies created to improve such cloud services can also be used to impair them. By using generic tools like nmap, hping and wget, one can estimate the placement of virtual machines in a cloud infrastructure with a high likelihood. Moreover, such knowledge and tools can also be used by adversaries to further launch various kinds of attacks. In this paper we focus on one such specific kind of attack, namely a denial of service (DoS), where an attacker congests a bottleneck network channel shared among virtual machines (VMs) coresident on the same physical node in the cloud infrastructure. We evaluate the behavior of this shared network channel using Click modular router on DETER testbed. We illustrate that game theoretic concepts can be used to model this attack as a two-player game and recommend strategies for defending against such attacks.