Skip to main content

DynaShield: Reducing the cost of DDoS defense using cloud services

Publication ,  Conference
Zheng, S; Yang, X
Published in: 11th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud 2019, co-located with USENIX ATC 2019
January 1, 2019

Fueled by IoT botnets and DDoS-as-a-Service tools, distributed denial of service (DDoS) attacks have reached record high volumes. Although there exist DDoS protection services, they can be costly for small organizations as well as individual users. In this paper, we present a low-cost DDoS solution, DynaShield, which a user can deploy at common cloud service providers. DynaShield employs three techniques to reduce cost. First, it uses an on-demand model. A server dynamically updates its DNS record to redirect clients’ traffic to DynaShield when it is under attack, avoiding paying for cloud services during peacetime. Second, DynaShield combines serverless functions and elastic servers provided by cloud providers to auto-scale to large attacks without overprovisioning. Third, DynaShield uses cryptocurrency puzzles as proof of work. The coin mining profit can further offset a protected server’s cloud service charges. Our preliminary evaluation suggests that DynaShield can cost as little as a few dollars per month to prevent an organization from common DDoS attacks.

Duke Scholars

Published In

11th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud 2019, co-located with USENIX ATC 2019

Publication Date

January 1, 2019
 

Citation

APA
Chicago
ICMJE
MLA
NLM
Zheng, S., & Yang, X. (2019). DynaShield: Reducing the cost of DDoS defense using cloud services. In 11th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud 2019, co-located with USENIX ATC 2019.
Zheng, S., and X. Yang. “DynaShield: Reducing the cost of DDoS defense using cloud services.” In 11th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud 2019, Co-Located with USENIX ATC 2019, 2019.
Zheng S, Yang X. DynaShield: Reducing the cost of DDoS defense using cloud services. In: 11th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud 2019, co-located with USENIX ATC 2019. 2019.
Zheng, S., and X. Yang. “DynaShield: Reducing the cost of DDoS defense using cloud services.” 11th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud 2019, Co-Located with USENIX ATC 2019, 2019.
Zheng S, Yang X. DynaShield: Reducing the cost of DDoS defense using cloud services. 11th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud 2019, co-located with USENIX ATC 2019. 2019.

Published In

11th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud 2019, co-located with USENIX ATC 2019

Publication Date

January 1, 2019