DDoS attack detecting method and DDoS attack detecting system of multi-tenant cloud computing system

An attack detection and cloud computing technology, applied in transmission systems, electrical components, etc., can solve the problem that the defender cannot know the network status of the attack source and increase the difficulty of tracing the source.

Active Publication Date: 2017-01-25
INST OF INFORMATION ENG CAS
View PDF7 Cites 29 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the difficulty of DDoS attack detection on traditional networks is focused on the source of the attack. Attacking hosts are scattered throughout the n

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS attack detecting method and DDoS attack detecting system of multi-tenant cloud computing system
  • DDoS attack detecting method and DDoS attack detecting system of multi-tenant cloud computing system
  • DDoS attack detecting method and DDoS attack detecting system of multi-tenant cloud computing system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. It should be understood that the described embodiments are only part of the embodiments of the present invention, not all of them. example. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without making creative efforts belong to the protection scope of the present invention.

[0047] In this technical solution, computing nodes deploy detection agents, and control nodes deploy detection servers. The detection agent calculates the virtual machine traffic entropy, judges whether a potential DDoS attack occurs by measuring whether the entropy change exceeds the specified threshold, and collects suspicious attack flow statistics and sends them to the detection server. By measuring the similarity between suspic...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a DDoS attack detecting method and a DDoS attack detecting system of a multi-tenant cloud computing system. The method comprises the following steps: arranging a detecting server at a control node of a multi-tenant cloud computing system, and establishing a detecting proxy for each computing node; counting, by the detecting proxy, a number of data packets transmitted by each virtual machine to different destination IP addresses at an i period of time according to flow data collected at the i period of time; calculating, by the detecting proxy, a flow entropy variation value of each virtual machine according to the statistics data, if the flow entropy variation value transmitted by the virtual machine I to the destination IP is greater than the set flow entropy variation threshold value, judging the data flow as a suspicious DDoS attack flow, and transmitting the data flow to the detecting server; identifying, by the detecting server, a potential attack flow according to a data destination IP address, a tenant identifier aggregation destination address and a ratio of an aggregation result in total flow; and if a relative entropy of two potential attack flows is less than a set threshold value, judging as the DDoS attack flow.

Description

technical field [0001] The invention belongs to the field of cloud computing network security. Specifically, it relates to a DDoS attack detection method and system in a multi-tenant cloud computing system environment. Background technique [0002] In the cloud computing system, resource isolation is realized by dividing tenants, and the virtual machines in the multi-tenant cloud computing system are assigned to different tenants during the instantiation phase. In this way, the underlying infrastructure is shared among tenants, and the data of one tenant is protected from being accessed by other tenants to the greatest extent. Large-scale cloud computing systems deploy many virtual machines, and these virtual machines become the targets of DDoS attackers. After the attacker invades a virtual machine in the cloud through a certain method, he injects attack programs into other virtual machines through network attacks and other methods, and these virtual machines form the att...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1466H04L67/10
Inventor 王利明王淼徐震马多贺陈凯董文婷
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap