Total views : 461

Mitigating Distributed Denial of Service Attack in Cloud Computing Environment using Threshold based Technique

Affiliations

  • Department of Computer Science and Engineering, Aisect University, Bhopal - 464993, Madhya Pradesh, India
  • Department of Information Technology, ABV-IIITM, Gwalior - 474015, Madhya Pradesh, India
  • Department of Electronics and Communication, Aisect University, Bhopal - 464993, Madhya Pradesh, India

Abstract


Objectives: Cloud is becoming a very assertive computing platform now a days due to the availability of resources in a customized manner. But DDoS attack is a very dangerous as it directly affects the availability of resources. So the objective of the paper is to mitigate DDoS attack in cloud network using threshold based technique. Methods/Statistical Analysis: In the proposed solution a list of faulty IP addresses has been prepared based on their performance during the Turing test and named as black list. If the request is from black list than it is directly rejected else forwarded to next step. At the second stage check whether the number of resources available are greater than the request made and also the request for resources is less than the threshold value of resource m, than the resource are allocated to that request else request is rejected. Findings: Cloud resources can be defended from the DDoS attack by any of the three defense mechanisms, i.e. DDoS attack prevention, DDoS attack detection and DDoS attack mitigation and recovery. But it is found that Attack mitigation is the easiest way to defend against the DDos attack because of easily available resources. The paper presented a technique that will easily detect and mitigate the DDos attack and it is very easy to implement with minimum cost and overhead. Application/Improvements: The proposed work can be implemented in any cloud network to save it from wasting the resources for malicious requests. For further improvement client based protection can also be implemented such that the attacker will not be able to form its army for the purpose of DDoS attack.

Keywords

Attack Mitigation, Attack Detection, Cloud Computing, DDoS Attack.

Full Text:

 |  (PDF views: 301)

References


  • Zissis D, Dimitrios L. Addressing cloud computing security issues. Elsevier Future Generation Computer Systems. 2012; 28(3):583–92.
  • Osanaiye O, Choo K. DDoS Resilience in cloud: Review and conceptual cloud mitigation framework. Journal of computers and network ap-plications, Elsevier. 2016; 67:147–65.
  • Deshmukh RV, Devadkar KK. Understanding DDoS attack & its effect in cloud. Environ Procedia Comput Sci. 2015; 49:202–10.
  • Wong F, Tan CX. A survey of trends in massive DDoS attacks and cloud-based mitigations. Int J Netw Secur Appl (IJNSA). 2014; 6(3):57–71.
  • Bhuyan MH, Bhattacharyya DK, JKalita JK. An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection. Pattern Recogn Lett. 2015; 51:1–7.
  • Cha B, Kim J. Study of multistage anomaly detection for secured cloud computing resources in future internet. In: Proceedings of IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing (DASC), Sydney, Australia, Sydney, NSW. 2011. p. 1046–50.
  • Alireza S, Makan P, Fekih A. Taxonomy of Distributed Denial of Service mitigation approaches for cloud computing. Elsevier Journal of Network and Computer Applications. 2015; 58:165–79.
  • Mao MJLI, Humphrey M. Cloud auto-scaling with deadline and budget constraints. 11th IEEE/ACM International Conference on Grid Computing (GRID). IEEE, Brussels. 2010. p. 41–8.
  • Sarra A, Rose. DDoS Attacks in Service Clouds. In 48th Hawaii International Conference on System Sciences. IEEE Computer Society, USA. 2015. p. 5331–40.
  • Zhao K, Chen C, Zheng W. Defend against denial of service attack with VMM. Eighth International Conference on Grid and Cooperative Computing, GCC’09. IEEE, Malaysia. 2009. p. 91–6.
  • Latanicki J, Massonet P, Naqvi S, Rochwerger B, Villari M. Scalable Cloud Defences for Detection, Analysis and Mitigation of DDoS Attacks. In Future Internet Assembly. 2010; 127–37.
  • Wang H, Jia W, Dan F, Walter P, Li F, Angelos S. A moving target DDoS defence mechanism. Computer Communications. 2014; 46:10–21.
  • Rishikesh S, Gregory B, Zonghua Z. Towards Autonomic DDoS Mitigation using Software Defined Networking. SENT. 2015; 15(1):1–4.
  • HKhor K, Nakao A. Spow: On-demand cloud-based EDDoS mitigation mechanism. In Hot Dep (Fifth Workshop on Hot Topics in System Dependability), Tokya. 2009; 1–6.
  • Mueen U, Alsaqour R, Abdelhaq M. Intrusion Detection System to Detect DDoS Attack in Gnutella Hybrid P2P Network. Indian Journal of Science and Technology. 2013 Feb; 6(2):4045–57.
  • Munivara KP, Mohan AR, Venugopal RK. Anomaly based Real Time Prevention of under Rated App-DDOS Attacks on Web: An Experiential Metrics based Machine Learning Approach. Indian Journal of Science and Technology. 2016 Jul; 9(27):1–10.
  • Kumar JD, Srikanth V, Tejeswini L. Email Phishing attack mitigation using server side email addon. Indian Journal of Science and Technology. 2016 May; 9(19):1–5.
  • Saad RAA, Almomani A, Altaher A, Gupta BB, Manickam S. ICMPv6 Flood Attack Detection using DENFIS Algorithms. Indian Journal of Science and Technology. 2014 Jan; 7(2):168–73.
  • Mahmoudreza T. Immediate Detection of DDoS Attacks with using NetFlow on Cisco Devices IOS. Indian Journal of Science and Technology. 2016 Jul; 9(26):1–7.

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.