Multi Layer Protection Against Low Rate DDoS Attacks in Containerized Systems
Ahmad Fareed, Bilal Al Habib, Anne Pepita Francis

TL;DR
This paper presents a multi-layered DDoS mitigation system tailored for containerized cloud environments, combining various security techniques to detect and prevent low-rate DDoS attacks effectively.
Contribution
It introduces an integrated defense framework that combines WAF, rate limiting, blacklisting, header analysis, and zero trust principles specifically for containerized systems.
Findings
Effective detection of low-rate DDoS attacks demonstrated
Enhanced security through layered defense mechanisms
Seamless integration with Docker for deployment
Abstract
Low-rate Distributed Denial of Service (DDoS) attacks have emerged as a major threat to containerized cloud infrastructures. Due to their low traffic volumes, these attacks can be difficult to detect and mitigate, potentially causing serious harm to internet applications. This work proposes a DDoS mitigation system that effectively defends against low-rate DDoS attacks in containerized environments using a multi-layered defense strategy. The solution integrates a Web Application Firewall (WAF), rate limiting, dynamic blacklisting, TCP and UDP header analysis, and zero trust principles to detect and block malicious traffic at different stages of the attack life cycle. By applying zero trust principles, the system ensures that each data packet is carefully inspected before granting access, improving overall security and resilience. Additionally, the system's integration with Docker…
Taxonomy
Topics: Network Security and Intrusion Detection · Software-Defined Networks and 5G · Network Packet Processing and Optimization
