**6.3 Comparing single- and three-tier architectures**

DDoS attacks were performed on single-tier and the proposed three-tier infrastructure architecture and results gathered for real user monitoring parameters during the network attacks (**Figure 12**).

**Figure 12.**

*Network and web defense trends.*


#### **Figure 13.**

*Single-tier attack parameters.*


#### **Figure 14.** *Single-tier application attack logs.*

#### **6.4 Single-tier logs and data analysis**

The below data and graphs illustrate the network firewall and application layer logs and graphs for the DDoS attack performed on single-tier data center architecture in order to determine the resilience for handling DDoS attacks. In **Figure 13** network

**29**

**Figure 16.**

*Three-tier attack logs.*

**Figure 15.**

*Single-tier network attack parameters.*

*Cloud Computing Security Services to Mitigate DDoS Attacks*

throughput, and application response as the key values.

page load response, and application server response.

firewall defense is implemented after attack#2 with ICMP, page load, browser

layer attack on single-tier network infrastructure in which application firewall defense is implemented after attack#2 with ICMP, page load, browser throughput,

**Figure 14** illustrates real user monitoring values obtained during an application

Results of single-tier architecture attacks obtained before and during the DDoS attack are presented in **Figure 15**. This has the average ICMP, browser throughput,

*DOI: http://dx.doi.org/10.5772/intechopen.92683*

and application response key values.

### *Cloud Computing Security Services to Mitigate DDoS Attacks DOI: http://dx.doi.org/10.5772/intechopen.92683*

firewall defense is implemented after attack#2 with ICMP, page load, browser throughput, and application response as the key values.

**Figure 14** illustrates real user monitoring values obtained during an application layer attack on single-tier network infrastructure in which application firewall defense is implemented after attack#2 with ICMP, page load, browser throughput, and application response key values.

Results of single-tier architecture attacks obtained before and during the DDoS attack are presented in **Figure 15**. This has the average ICMP, browser throughput, page load response, and application server response.

#### **Figure 15.**

*Cloud Computing Security - Concepts and Practice*

**28**

**Figure 14.**

**Figure 13.**

**Figure 12.**

*Network and web defense trends.*

*Single-tier attack parameters.*

**6.4 Single-tier logs and data analysis**

*Single-tier application attack logs.*

The below data and graphs illustrate the network firewall and application layer logs and graphs for the DDoS attack performed on single-tier data center architecture in order to determine the resilience for handling DDoS attacks. In **Figure 13** network

*Single-tier network attack parameters.*

