DDoS Attacks in Service Clouds

@article{Alqahtani2015DDoSAI,
  title={DDoS Attacks in Service Clouds},
  author={Sarra M. Alqahtani and Rose F. Gamble},
  journal={2015 48th Hawaii International Conference on System Sciences},
  year={2015},
  pages={5331-5340}
}
The scalability and dynamic configuration of service clouds can be susceptible to Distributed Denial of Service (DDoS) attacks. [] Key Method The detection approach is composed of four levels such that each level detects symptoms of DDoS attacks from its local data. The detection results of all levels are corroborated to confirm the victim and attacking services. We evaluate our proposed solution by using a random dataset. The results indicate that it is a promising solution to mitigate the DDoS attack in…

Figures and Tables from this paper

Service resizing for quick DDoS mitigation in cloud computing environment
TLDR
A supporting framework for the DDoS mitigation services is proposed, by assisting in reducing the attack mitigation time and the overall downtime, and comprises of an affinity-based victim-service resizing algorithm to provide performance isolation, and a TCP tuning technique to quickly free the attack connections, hence minimizing the attack cooling down period.
Detection Techniques for DDoS Attacks in Cloud Environment: Review Paper
TLDR
A review of many detection techniques that are useful in spotting DDoS attacks that are cloud-based and a comparative analysis between them is made to find a suitable technique for spotting these cloud computing based DDoS attack.
Slow flooding attack detection in cloud using change point detection approach
TLDR
Change Point detection approach is proposed here to detect flooding DDOS attacks in cloud which are based on the continuous variant pattern of voluminous (flooding) traffic and is calculated by using various traffic data based metrics that are primary and computed in nature.
Detection of High-Rate Distributed Denial of Service Attack using Entropy Metrics in Cloud Computing Environment
TLDR
This research work focus on proposing an effective lightweight detection method established on Entropy Metrics for detecting DDoS attack, and the Correlation Metric is used for identifying the malicious traffic with effective window size followed by the conventional entropy computation.
AVDR: A Framework for Migration Policy to Handle DDoS Attacked VM in Cloud
TLDR
Proposed AVDR framework improves the performance of existing migration policies and reduces the collateral damages in DDoS attacks by based on attack strength, and a linear model to evaluate ‘ $$Y_{as}$$ ’ is proposed.
Mitigating Distributed Denial of Service Attack in Cloud Computing Environment using Threshold based Technique
TLDR
The paper presented a technique that will easily detect and mitigate the DDos attack and it is very easy to implement with minimum cost and overhead.
Verifying the Detection Results of Impersonation Attacks in Service Clouds
TLDR
This paper develops a distributed mechanism to detect and mitigate impersonation attacks against web services in the cloud, which facilitates the composition and communication among web services owned by different cloud vendors.
...
...

References

SHOWING 1-10 OF 33 REFERENCES
CBF: A Packet Filtering Method for DDoS Attack Defense in Cloud Environment
TLDR
The result shows that CBF has a high scoring speed, a small storage requirement and an acceptable filtering accuracy, making it suitable for real-time filtering in cloud environment.
Countering DDoS and XDoS Attacks against Web Services
  • Xinfeng Ye
  • Computer Science
    2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing
  • 2008
TLDR
This paper proposes a scheme for building a defense system against DDoS and XDoS attacks, built on Web Services that can be constructed and reconfigured easily by an attack victim.
Embedding a Distributed Auditing Mechanism in the Service Cloud
TLDR
An auditing framework for the service cloud that distributes logging, monitoring, and reporting at the local service level, at the application or session level that can involve multiple tenant services, and at the cloud level where corroboration and verification of threats takes place is presented.
A Service Architecture for Countering Distributed Denial of Service Attacks
  • Fareed Zaffar, G. Kedem
  • Computer Science
    21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07)
  • 2007
TLDR
AMP does not require universal deployment and is complementary to other schemes for countering dDoS attacks, however with the use of collaborative policing techniques, the performance of the scheme can be improved greatly.
EDoS-Shield - A Two-Steps Mitigation Technique against EDoS Attacks in Cloud Computing
TLDR
This paper advocates a novel solution, named EDoS-Shield, to mitigate the Economic Denial of Sustainability (EDoS) attack in the cloud computing systems and designs a discrete simulation experiment to evaluate its performance and shows that it is a promising solution to mitigateThe EDoS.
Validating Denial of Service Vulnerabilities in Web Services
TLDR
This paper describes experiments involving several denial of service vulnerabilities in well-known web services platforms, including Java Metro, Apache Axis, and Microsoft.NET, to confirm and deny the presence of some of the most well- known vulnerabilities in web services technologies.
The Accountability Problem of Flooding Attacks in Service-Oriented Architectures
TLDR
The problem of accountability is presented, referring to the issue of resolving the attacker in a highly distributed service-oriented application, using a general flooding attack model, to illustrate the problem's parameters and to discuss some general solution approaches.
Parametric Differences between a Real-world Distributed Denial-of-Service Attack and a Flash Event
TLDR
This paper proposes parameters which can be used to explicitly distinguish FEs from DDoS attacks and analyse two real-world publicly available datasets to validate the proposal.
Intrusion Tolerant Approach for Denial of Service Attacks to Web Services
  • M. Ficco, M. Rak
  • Computer Science
    2011 First International Conference on Data Compression, Communications and Processing
  • 2011
TLDR
Preliminary experimental results show that the proposed approach results in a better performance of the Intrusion Detection Systems, in terms of increasing diagnosis capacity as well as reducing the service unavailability during an intrusion.
Triangle-Area-Based Multivariate Correlation Analysis for Effective Denial-of-Service Attack Detection
TLDR
The proposed system applies the idea of Multivariate Correlation Analysis (MCA) to network traffic characterization and employs the principal of anomaly-based detection in attack recognition and outperforms two state-of-the-art approaches.
...
...