Serving while attacked: DDoS attack effect minimization using page separation and container allocation strategy

Abstract Distributed denial of service attacks are prominent cyber attacks for the last many years. Cloud computing environments are emerging as a common service deployment alternative. At the same time, the cloud is also emerging as an important target for DDoS attacks. DDoS attacks exhaust the resources of the target server to deny the service for benign users. Cloud platforms may also use the container as a service (CaaS) deployment model. In this work, we focus on understanding and minimizing the attack effects of the DDoS attacks in the container-based virtual environments. With the help of DDoS attack experiments, we see that when the attack is present, there is heavy resource contention between authenticated white-list requests and suspicious attack requests at the victim server. In addition, there is a large number of request failures for white-list users. In this work, we analyze the results of our attack experiments and define a set of important requirements for effective solutions. Among these requirements, serving the benign user requests is the foremost requirement for any victim server. In addition, segregation of suspicious attack requests and separation of pages are other two important requirements. Based on these solutions requirements, we propose a set of novel page separation and resource allocation strategies to achieve service availability for genuine users. Based on the attack experiments to evaluate the proposed strategies, we found that page separation with the majority of resources assigned to white-list user requests and separating suspicious user requests ascertain service availability to genuine users during the attacks. The overall service-time of genuine requests achieved a huge improvement as compared to the scenario when not using our proposed strategies.