scholarly journals A statistical and distributed packet filter against DDoS attacks in Cloud environment

Sadhana ◽  
2018 ◽  
Vol 43 (3) ◽  
Author(s):  
VIKASH C PANDEY ◽  
SATEESH K PEDDOJU ◽  
PRACHI S DESHPANDE
Keyword(s):  
Cloud Environment ◽  
Ddos Attacks ◽  
Packet Filter

scholarly journals Detection System of HTTP DDoS Attacks in a Cloud Environment Based on Information Theoretic Entropy and Random Forest

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Mohamed Idhammad ◽  
Karim Afdel ◽  
Mustapha Belouch
Keyword(s):  
Random Forest ◽  
Network Traffic ◽  
Learning Algorithm ◽  
Detection System ◽  
Cloud Services ◽  
Detection Accuracy ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Information Theoretic ◽  
Computing Services

Cloud Computing services are often delivered through HTTP protocol. This facilitates access to services and reduces costs for both providers and end-users. However, this increases the vulnerabilities of the Cloud services face to HTTP DDoS attacks. HTTP request methods are often used to address web servers’ vulnerabilities and create multiple scenarios of HTTP DDoS attack such as Low and Slow or Flooding attacks. Existing HTTP DDoS detection systems are challenged by the big amounts of network traffic generated by these attacks, low detection accuracy, and high false positive rates. In this paper we present a detection system of HTTP DDoS attacks in a Cloud environment based on Information Theoretic Entropy and Random Forest ensemble learning algorithm. A time-based sliding window algorithm is used to estimate the entropy of the network header features of the incoming network traffic. When the estimated entropy exceeds its normal range the preprocessing and the classification tasks are triggered. To assess the proposed approach various experiments were performed on the CIDDS-001 public dataset. The proposed approach achieves satisfactory results with an accuracy of 99.54%, a FPR of 0.4%, and a running time of 18.5s.

A Proactive Approach to Intrusion Detection in Cloud Software as a Service

2015 ◽  
pp. 287-305
Author(s):  
Baldev Singh ◽  
Surya Narayan Panda
Keyword(s):  
Cloud Computing ◽  
Virtual Machine ◽  
Cloud Security ◽  
Dynamic Threshold ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Security Measures ◽  
Malicious User ◽  
Proactive Approach ◽  
User Activities

Cloud computing environment is very much malicious intrusion prone hence cloud security is very vital. Existing network security mechanisms face new challenges in the cloud such as DDOS attacks, virtual machine intrusion attacks and malicious user activities. This chapter includes brief introduction about cloud computing, concept of virtualization, cloud security, various DDOS attacks, tools to run these attacks & various techniques to detect these attacks, review of threshold methods used for detection of DDOS attacks & abnormal network behavior and proposed dynamic threshold based algorithmic approach. Although various cloud security measures are prevailing to avoid virtual machine attacks and malicious user activities but these are not foolproof. Hence, new security methods are required to increase users' level of trust in clouds. By scrubbing traffic at major Internet points and backbone connection, a defense line is created for mitigation of DDOS attacks. Dynamic threshold algorithm based approach is proposed as a proactive approach to detect DDOS attacks for achieving secure cloud environment.

Security of the Cloud

2015 ◽  
pp. 363-404 ◽  
Author(s):  
Khalid Al-Begain ◽  
Michal Zak ◽  
Wael Alosaimi ◽  
Charles Turyagyenda
Keyword(s):  
Service Providers ◽  
Denial Of Service ◽  
Cloud Service ◽  
Future Research ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Security Attacks ◽  
Edos Attacks ◽  
Future Research Directions ◽  
Cloud Users

The chapter presents current security concerns in the Cloud Computing Environment. The cloud concept and operation raise many concerns for cloud users since they have no control of the arrangements made to protect the services and resources offered. Additionally, it is obvious that many of the cloud service providers will be subject to significant security attacks. Some traditional security attacks such as the Denial of Service attacks (DoS) and distributed DDoS attacks are well known, and there are several proposed solutions to mitigate their impact. However, in the cloud environment, DDoS becomes more severe and can be coupled with Economical Denial of Sustainability (EDoS) attacks. The chapter presents a general overview of cloud security, the types of vulnerabilities, and potential attacks. The chapter further presents a more detailed analysis of DDoS attacks' launch mechanisms and well-known DDoS defence mechanisms. Finally, the chapter presents a DDoS-Mitigation system and potential future research directions.

Security of the Cloud

2018 ◽  
pp. 1511-1554
Author(s):  
Khalid Al-Begain ◽  
Michal Zak ◽  
Wael Alosaimi ◽  
Charles Turyagyenda
Keyword(s):  
Service Providers ◽  
Denial Of Service ◽  
Cloud Service ◽  
Future Research ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Security Attacks ◽  
Edos Attacks ◽  
Future Research Directions ◽  
Cloud Users

The chapter presents current security concerns in the Cloud Computing Environment. The cloud concept and operation raise many concerns for cloud users since they have no control of the arrangements made to protect the services and resources offered. Additionally, it is obvious that many of the cloud service providers will be subject to significant security attacks. Some traditional security attacks such as the Denial of Service attacks (DoS) and distributed DDoS attacks are well known, and there are several proposed solutions to mitigate their impact. However, in the cloud environment, DDoS becomes more severe and can be coupled with Economical Denial of Sustainability (EDoS) attacks. The chapter presents a general overview of cloud security, the types of vulnerabilities, and potential attacks. The chapter further presents a more detailed analysis of DDoS attacks' launch mechanisms and well-known DDoS defence mechanisms. Finally, the chapter presents a DDoS-Mitigation system and potential future research directions.

Comprehensive Study of Various Techniques for Detecting DDoS Attacks in Cloud Environment

2015 ◽  
Vol 8 (3) ◽  
pp. 119-126 ◽  
Author(s):  
Navdeep Singh ◽  
Abhinav Hans ◽  
Kapil Kumar ◽  
Mohit Pal Singh Birdi
Keyword(s):  
Cloud Environment ◽  
Ddos Attacks ◽  
Comprehensive Study

A Proactive Approach to Intrusion Detection in Cloud Software as a Service

2019 ◽  
pp. 621-638
Author(s):  
Baldev Singh ◽  
Surya Narayan Panda
Keyword(s):  
Cloud Computing ◽  
Virtual Machine ◽  
Cloud Security ◽  
Dynamic Threshold ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Security Measures ◽  
Malicious User ◽  
Proactive Approach ◽  
User Activities

Cloud computing environment is very much malicious intrusion prone hence cloud security is very vital. Existing network security mechanisms face new challenges in the cloud such as DDOS attacks, virtual machine intrusion attacks and malicious user activities. This chapter includes brief introduction about cloud computing, concept of virtualization, cloud security, various DDOS attacks, tools to run these attacks & various techniques to detect these attacks, review of threshold methods used for detection of DDOS attacks & abnormal network behavior and proposed dynamic threshold based algorithmic approach. Although various cloud security measures are prevailing to avoid virtual machine attacks and malicious user activities but these are not foolproof. Hence, new security methods are required to increase users' level of trust in clouds. By scrubbing traffic at major Internet points and backbone connection, a defense line is created for mitigation of DDOS attacks. Dynamic threshold algorithm based approach is proposed as a proactive approach to detect DDOS attacks for achieving secure cloud environment.

Sign in / Sign up

Export Citation Format

Share Document