A Dynamic Protection System of Web Server in Virtual Cluster Using Live Migration

Virtual machine monitor provides the drastic improvement of isolation, consolidation and flexibility in running virtual machine. Also, virtual cluster becomes one of the hot topics for the combination of capacity planning, HPC (high performance computing) and virtualization technologies. In this paper we propose a dynamic protection system of Web server in virtual cluster using live migration. VMM (virtual machine monitor) makes it possible to save, suspend and move VM running mission critical service without sustaining sessions. Our system runs in virtual cluster as protection module for making Web server reliable and available against DoS attacks. Proposed system can respond the rapid increase of utilization caused by DoS attacks without stopping sessions and services using live migration. For dynamic protection, an interruptive-notification mechanism is inserted into Web daemon, kernel space and VMM layer to activate the real-time mitigation of DoS by migrating and re-distributing VM on different physical machines. Experiment shows that our system is successful for mitigating DoS attacks without suspending sessions by reducing and distributing utilizations of the resources of VM providing mission critical Web services. We can conclude that our dynamic protection system using inter-VM notification and live migration can make virtualized Web server more reliable and available for DoS attacks.