《计算机应用研究》|Application Research of Computers

基于虚拟机迁移的DoS攻击防御方法

Defensive method against DoS attack based on virtual machine migration

免费全文下载 (已被下载 次)  
获取PDF全文
作者 张淼,季新生,刘文彦,杨超,霍树民,程国振
机构 国家数字交换系统工程技术研究中心,郑州 450002
统计 摘要被查看 次,已被下载
文章编号 1001-3695(2019)07-054-2174-05
DOI 10.19734/j.issn.1001-3695.2018.01.0095
摘要 利用云计算资源共享的特性,攻击者可以通过不停消耗带宽资源,使得同一物理主机上的其他用户无法接受正常服务,造成拒绝服务(denial of service,DoS)攻击。这种攻击区别于传统网络体系中的DoS攻击,因此难以应用传统防御方法解决。针对这一问题,提出一种基于虚拟机迁移的DoS攻击防御方法。通过选择迁移目标、设计触发机制和选择迁移目的地,形成迅速减轻DoS攻击影响的虚拟机迁移策略。实验结果表明,针对攻击者的不同攻击方式,该方法均可有效地快速防御DoS攻击,保证云服务的正常运行。相比其他策略,所提方法在迁移开销上略有增加,但防御效果明显,可行性更高。
关键词 云计算; DoS攻击; 虚拟机迁移
基金项目 国家重点研发计划资助项目(2016YFB0800100,2016YFB0800101)
国家自然科学基金创新研究群体项目(61521003)
国家自然科学基金青年基金资助项目(61602509)
河南省科技攻关计划资助项目(172102210615)
本文URL http://www.arocmag.com/article/01-2019-07-054.html
英文标题 Defensive method against DoS attack based on virtual machine migration
作者英文名 Zhang Miao, Ji Xinsheng, Liu Wenyan, Yang Chao, Huo Shumin, Cheng Guozhen
机构英文名 National Digital Switching Engineering & Technological R&D Center,Zhengzhou 450002,China
英文摘要 By utilizing the characteristics of resource sharing in cloud computing, attackers can launch DoS attack by constantly consuming bandwidth resources so that other users on the same physical host cannot receive normal services. This attack mode is different from the DoS attack in traditional network system, so it is difficult to apply traditional defense method to solve it. To solve this problem, this paper proposed a DoS attack defense method based on virtual machine migration. By selecting the migration target, designing the triggering mechanism and selecting the migration destination, it proposed a virtual machine migration strategy to mitigate the impact of DoS attacks. The experimental results demonstrate that this method can effectively defend DoS attack and ensure the normal operation of cloud service whatever different attack methods that attackers may use. Compared with other methods, the proposed strategy leads a litter more migration cost, however, it's better in defense effect and feasibility.
英文关键词 cloud computing; DoS attack; virtual machine migration
参考文献 查看稿件参考文献
 
收稿日期 2018/1/8
修回日期 2018/3/23
页码 2174-2178
中图分类号 TP309.2
文献标志码 A