Preserving Service Availability Under DDoS Attack in Micro-Service Based Cloud Infrastructure.

Distributed denial of service (DDoS) attacks target the availability of the victim's services. DDoS attacks, being resource-consumption attacks, create heavy resource contention. In the state of the art, we found that resource isolation for legitimate users assisted in maintaining service availability even in the presence of DDoS attacks. As the networks are moving towards micro-service architecture, DDoS attack on these architecture can lead to disruption of services. In this work, we implement a micro-service architecture using container based environment. We use the threshold connection and micro-service architecture to preserve service availability under DDoS attack. The threshold connection will check for the active connection of distinct web pages, and micro-service architecture helps in serving those different requests on different containers. We classify those users whose number of requests is greater than the threshold connection as attacker and the rest of them as benign users. Also, we classify the target web page into two categories: high resource consumption web pages and low resource consumption web pages based on their resource consumption. We serve the requests for both pages in different containers. Our experimental results show that even in the presence of a massive DDoS attack, our proposed mechanism is able to preserve the availability of the target service. The proposed methodology leads to failure of only 8 benign requests as compared to 499 under state-of-the-art. It is imperative to emphasize that the proposed technique should not be regarded as a DDoS detection instrument but rather as a supplementary component to an existing detection solutions.