Data center architecture that supports attack detection and mitigation
A data center and data technology, applied in the direction of data exchange network, digital transmission system, electrical components, etc., can solve the problems of increasing procurement cost and operating cost, hardware equipment can not be synchronized, preventing legitimate business, etc.
Active Publication Date: 2019-10-11
MICROSOFT TECH LICENSING LLC
View PDF6 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Therefore, in order to handle the volume of traffic flowing through and across the data center, as well as to deal with the growing volume of DoS attacks, the use of the above hardware appliances will incur significant costs
Additionally, these devices must be deployed in a redundant fashion, which further increases acquisition and operating costs
[0005] Second, hardware devices are relatively inflexible
Additionally, hardware devices have limited effectiveness against increasingly sophisticated attacks such as zero-day attacks
Finally, hardware devices may not keep up with operating system (OS) firmware and builds, which risks reducing their effectiveness against attacks
[0006] Third, collateral damage can be associated with such hardware devices
Since many attacks can mount in tens of seconds to minutes, the delay in detecting an anomaly or attack risks overloading the target VM as well as the data center's infrastructure (e.g., firewalls, load balancers, and core links), which can be detrimental to common collateral damage caused by escrow lessee
In addition, if the hardware device cannot quickly identify when the attack is gone, it may falsely block legitimate business
Therefore, given that many security solutions apply business analytics and smoothing techniques to reduce false positives for attack detection, such solutions may not be able to act fast enough to avoid collateral damage
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
example 1
[0082] Example 1: A method performed by at least one computing device in a data center, the at least one computing device configured to form at least a portion of an interposer in the data center, the interposer computing by means of a plurality of servers Illustrated by a device, the method includes receiving, at the at least one computing device in the intermediary layer, a plurality of data packets of a traffic flow, the traffic flow being transmitted between: a first computing device or a first service hosted by a data center; and a second computing device or a second service; in response to receiving the plurality of data packets, processing the plurality of data packets to facilitate an identification attack; and when identified Upon the attack, a signal is generated indicating that the attack has been identified.
example 2
[0083] Example 2: The method of example 1, the interposer being in-band as the traffic flow traverses the data center.
example 3
[0084] Example 3: The method of any of Examples 1 or 2, wherein the plurality of server computing devices are further configured to execute respective software load balancers.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
Described in this article are various techniques for identifying inbound and outbound network and application attacks relative to the data center. The commercial server is used to monitor the ingress service flow and the egress service flow, and detect anomalies in the service flow. In response to detecting the anomaly, a mitigation strategy is executed to mitigate damage caused by the cyber attack.
Description
Background technique [0001] Cloud services are growing rapidly - the market for cloud services is expected to reach hundreds of billions of dollars in the relatively near future. Cloud services are hosted on a data center or group of data centers, where a data center includes numerous computing devices and network infrastructure devices that support computing, networking, and storage services. However, the devices in data centers and the services hosted in those devices are unfortunately increasingly the targets of cyberattacks. Datacenters have been targeted by cyber attackers for at least two reasons: 1) A datacenter or a network of datacenters can have thousands to tens of thousands of different services, so attacking a datacenter can lead to serious and sometimes staggering consequences 2) In addition to hosting malware, stealing confidential data, disrupting competitor services, and selling compromised virtual machines (VMs) in the underground economy, attackers can expl...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/911H04L29/08H04L12/26
CPCH04L43/16H04L47/726H04L63/1416H04L67/1001H04L67/10H04L63/0236
Inventor N·贾因缪睿
Owner MICROSOFT TECH LICENSING LLC