A Security Mechanism For SaaS Cloud Service Model Using Dynamic Network Strategy Plan

Teenu Jose

Abstract


Cloud computing is a computing paradigm, where a large pool of systems are connected in private or public networks, to provide dynamically scalable infrastructure for application, data and file storage. With the advent of this technology, the cost of computation, application hosting, content storage and delivery is reduced significantly. Now the organizations are trying to migrate into a cloud system, so the cloud system should be secure enough to deals with the organizational services. The SaaS model is easily vulnerable to attacks. The main cause for the attack is the static network configurations. These static network configuration may open the attackers to study the weakness of the network and this will help the attacker to launch the attack. The cloud models mainly suffer DoS attack. The main reason behind is the static network configuration. So the paper suggests a security mechanism to protect SaaS model from DoS attack. For this a dynamic network strategy plan is used. In dynamic strategy plan, the network configurations can be done dynamically. To avoid DoS attack, we are changing the IP address of the network host using NOX controller algorithm. It is very difficult to implement I traditional network, so Software defined networking is adopted.

References


Braga, Rodrigo; Mota, Edjard and Passito, Alexandre: Lightweight DDoS Flooding attack detection using NOX/Openflow, IEEE 35th conference, October 2010.

Giotis, K Et al. Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments, computer networks vol. 62, October 2013.

Jafarian, J H; et al. Openflow random host mutation. transparent moving target defense using software defined networking, Proceedings of the first workshop on Hot topics in software defined networks, 2012.

Jajodia et al. Moving Target Defense, Springer, 2011.

Kim, Hyojoon and Feamster, Nick. Improving Network Management with Software Defined Networking IEEE, Communication Magazine, February 2013.

Kloti, Rowan; Kotronis, Vasileios and Smith, Paul: Openflow. security analysis IEEE publications, April 2013.

Kreutz, Diego; Ramos, Fernando M. V. and Verissimo, Paulo. Towards Secure and Dependable Software-Defined Networks proceedings of the second ACM SIGCOMM workshop on hot topics in SDN, August 2013.

Menezes, Diogo; Mattos, Ferrazani; Gonc¸ AlvesFerraz, Lyno Henrique. AuthFlow: Authentication and Access Control Mechanism for Software Defined Networking September 2013.

Porras, Philip and Shin, Seungwon: A security enforcement kernel for openflow networks

Scott-Hayward, Sandra; Gemma O’Callaghan and Sezer, Sakir: SDN Security. A Survey IEEE publications, November 2013.

Sezer, S; Scott-Hayward, S. Chouhan, P, Fraser, B; Lake, D; J. Finnegan, J; Viljoen, J; Miller, M and Rao, N. Are we ready for SDN? Implementation challenges for software-defined networks, Communications Magazine, IEEE, vol. 51, no. 7, 2013.

Shin, Seugwon; Porras, Phillip; Vinod Yegneswaran, Fong, Martin; Mabry Tyson, GuofeiGu. FRESCO: Modular Composable Security Services for Software-Defined Networks, appeared in the ISOC Network and Distributed System Security Symposium February 2013.

Wytr, Jacek Eebowicz, Ries, Thorsten; Truong Dinh, Khoa and Kukli´nski, Sawomir: SDN Controller Mechanisms for Flexible and Customized Networking International Journal of electronics and Telecommunications, Volume 6, September 2014.

Yan, Qiao and Yu, F. Richard. Distributed Denial of Service Attacks in Software-Defined Networking with Cloud Computing, communication magazine vol. 53, April 2015.


Refbacks

  • There are currently no refbacks.


Print Version ISSN: 2320-530X (Application for ISSN Online Version Pending)