| Cloud Computing has developed rapidly in recent years and the research of Cloud Computing has become popular in scientific area and industry. It brings the convenience of sharing the resources, while the risk of sharing physical resources hinders the fast development of cloud computing. Unlike computation and storage resources which are well managed in a cloud, network resource usually lacks of performance isolation. Nowadays, few prevention mechanism has be proposed on this attack. This paper mainly focus on the Denial of Service (DoS) attack which targeting at bottleneck of data center. Attack detection method and prevention mechanism are proposed to ensure the security of the data center.Start from data center physical structure, this paper firstly study the possibility of DoS attack, secondly, according to data center VM usage, an analysis model is proposed to detect the attack in real time. Finally, when attack is detected, a migration strategy will be proposed and the attack VMs will be migrated to bandwidth restricted network. The key points of the research are attached as following:1. Review on previous work on DoS attack and attack detection mechanism, Analysis the drawbacks of previous work.2. Propose to apply VM running status for VM entropy calculation, and judge DoS attack based on VM status.3. A migration policy is proposed based on the detection result.4. Base on SND and OpenStack to realize an experiment DoS attack detection and prevention platform. |
PDF Full Text Request