Watanabe et al., 2015 - Google Patents
HTTP-GET Flood Prevention Method by Dynamically Controlling Multiple Types of Virtual Machine ResourcesWatanabe et al., 2015
View PDF- Document ID
- 3844457881156268413
- Author
- Watanabe M
- Kobayashi R
- Kato M
- Publication year
- Publication venue
- Journal of Information Processing
External Links
Snippet
Currently, Web services are widely utilized to disclose company information, and offer online services and e-commerce. As these services have become an essential part of our everyday lives, the public is greatly inconvenienced when they are disrupted. Denial of service (DoS) …
- 230000002265 prevention 0 title description 17
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Programme initiating; Programme switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5061—Partitioning or combining of resources
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5011—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Eliyan et al. | DoS and DDoS attacks in Software Defined Networks: A survey of existing solutions and research challenges | |
| US9088605B2 (en) | Proactive network attack demand management | |
| Reynaud et al. | Attacks against network functions virtualization and software-defined networking: State-of-the-art | |
| JP6957675B2 (en) | Network attack protection system and method | |
| Shawahna et al. | EDoS-ADS: An enhanced mitigation technique against economic denial of sustainability (EDoS) attacks | |
| US12341807B2 (en) | Packet fingerprinting for enhanced distributed denial of service protection | |
| Mahdavi Hezavehi et al. | An anomaly-based framework for mitigating effects of DDoS attacks using a third party auditor in cloud computing environments | |
| Maji et al. | Ice: An integrated configuration engine for interference mitigation in cloud services | |
| US9584550B2 (en) | Exploit detection based on heap spray detection | |
| Baig et al. | Controlled access to cloud resources for mitigating Economic Denial of Sustainability (EDoS) attacks | |
| CN105337966A (en) | Processing method for network attacks and device | |
| Baig et al. | Controlled virtual resource access to mitigate economic denial of sustainability (EDoS) attacks against cloud infrastructures | |
| Aldaoud et al. | DHCP attacking tools: an analysis | |
| CN107483414A (en) | A kind of security protection system and its means of defence based on cloud computing virtualized environment | |
| Varadharajan et al. | Counteracting security attacks in virtual machines in the cloud using property based attestation | |
| Mundada et al. | {SilverLine}: Data and network isolation for cloud services | |
| Beigi-Mohammadi et al. | CAAMP: Completely automated DDoS attack mitigation platform in hybrid clouds | |
| Abbasi et al. | Machine learning-based EDoS attack detection technique using execution trace analysis | |
| Kourai et al. | A self-protection mechanism against stepping-stone attacks for IaaS clouds | |
| Köksal et al. | Distributed denial‐of‐service attack mitigation in network functions virtualization‐based 5G networks using management and orchestration | |
| Rao et al. | SEDoS-7: a proactive mitigation approach against EDoS attacks in cloud computing | |
| Alsowail et al. | An experimental evaluation of the EDoS-shield mitigation technique for securing the cloud | |
| Michelin et al. | Mitigating dos to authenticated cloud rest apis | |
| Watanabe et al. | HTTP-GET Flood Prevention Method by Dynamically Controlling Multiple Types of Virtual Machine Resources | |
| KR20230118635A (en) | Automatic detection and mitigation of denial of service attacks |