摘要 |
A method, an apparatus and a system for preventing DDoS (Distributed Denial of Service) attacks in a cloud system. The method for preventing DDoS attacks in a cloud system includes: monitoring, by a protection node in a cloud system, data traffic input into virtual machines, where the cloud system includes the protection node and multiple virtual machines, and data streams communicated between the virtual machines pass through the protection node; extracting data streams to be input into virtual machines if it is detected that the data traffic input into the virtual machines is abnormal; sending the extracted data streams to a traffic cleaning apparatus for cleaning; receiving the data streams cleaned by the traffic cleaning apparatus; and inputting the cleaned data streams into the virtual machines. The technical solutions provided in the embodiments of the present disclosure can effectively prevent DDoS attacks between virtual machines in the cloud system. |