Abstract
DDoS (Distributed denial of service) attacks target on the availability of the victim services. DDoS attacks, being resource intensive attacks, create a heavy resource contention. In the state of the art, we found that resource isolation for legitimate users assists in maintaining service availability even in the presence of DDoS attacks. Resource isolation is an important method to minimize performance interference originated by the resource contention. In this paper, we propose resource isolation through service separation at two levels: physical machine level and virtual machine level. We compare four methods of resource segregation for legitimate users at physical machine level, virtual machine level, container level, and page level. The results of our experiments suggest that adopting different separation levels improve in the response time for legitimate user request even in the presence of DDoS attacks. By using different separation levels, we were able to see a considerable increase in the service availability time of target machines. In addition, there are notable improvements in number of requests failures and response time of target and co-located services.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
