A Real-Time (on Premise) Baseline Based DDoS Mitigation Scheme in a Hybrid Cloud

Uninterrupted services are the most important factor for building customers trust towards a particular service providers, Distributed denial of service attacks are major threats towards disrupting the customer base for these service providers. Increasing sophistication of these attacks make them stealthier to evade existing perimeter security mechanisms. Hence, there is a need to design a dedicated mechanism to counter these attacks. In this paper we present a real time mitigation approach for DDoS attacks in a hybrid cloud. This approach utilizes a real time hybrid cloud test bed environment implemented with both intrusion detection system (IDS) and intrusion prevention system (IPS) components for result analysis and is utilized to mitigate signature based attacks at layers 3, 4 and 7 of TCP/IP network model. To implement this approach various stages to mitigate these attacks are considered. The results obtained have 100 % detection accuracy in all the scenarios considered.