- مبلغ: ۸۶,۰۰۰ تومان
- مبلغ: ۹۱,۰۰۰ تومان
Cloud is the requirement of today’s competitive world that demand flexible, agile and adaptable technology to be at par with rapidly changing IT industry. Cloud offers scalable, on-demand, pay-as-you-go services to enterprise and has hence become a part of growing trend of organizations IT service model. With emerging trend of cloud the security concerns have further increased and one of the biggest concerns related to cloud is DDoS attack. DDoS attack tends to exhaust all the available resources and leads to unavailability of services in cloud to legitimate users. In this paper the concept of fog computing is used, it is nothing but an extension to cloud computing that performs analysis at the edge of the network, i.e. bring intelligence at the edge of the network for quick real time decision making and reducing the amount of data that is forwarded to cloud. We have proposed a framework in which DDoS attack traffic is generated using different tools which is made to pass through fog defender to cloud. Furthermore, rules are applied on fog defender to detect and filter DDoS attack traffic targeted to cloud.
CONCLUSION AND FUTURE WORK
Cloud computing can clearly be seen as today’s most alluring technology, at least in terms of being cost efficient and its flexibility. It helps accomplish more by paying less. But enterprises are reluctant to use cloud because they are concerned with the security issues in cloud like DDoS attack. In this paper, we have presented a framework where DDoS attack traffic while passing through fog defender was detected and filtered by applying rules at this layer and only legitimate requests were forwarded to ownCloud server. Therefore, the request that reaches cloud is legitimate ones. As detection and mitigation of DDoS attack is done at the edge of the network and not cloud, it leads to better response time and resource utilization in cloud. Whereas, this approach only provides defense from TCP and HTTP attack traffic. Hence, its can be improved to defend other protocol traffics like ICMP, UDP etc. Furthermore, if servers can be used as fog devices more intelligence can be brought to the edge of the network as servers can be used to perform load balancing and provide real time decision making for time critical applications.