The Use of Anomaly Detection for the Detection of Different Types of DDoS Attacks in Cloud Environment

2021 ◽  
Author(s):  
Hossein Abbasi ◽  
Naser Ezzati-Jivan ◽  
Martine Bellaiche ◽  
Chamseddine Talhi ◽  
Michel R. Dagenais
Keyword(s):  
Anomaly Detection ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Different Types

scholarly journals The Slow HTTP DDOS Attacks: Detection, Mitigation and Prevention in the Cloud Environment

2019 ◽  
Vol 20 (4) ◽  
pp. 669-685
Author(s):  
A. Dhanapal ◽  
P. Nithyanandam
Keyword(s):  
Web Applications ◽  
Denial Of Service ◽  
Classification Model ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Multi Stage ◽  
Investment Cost ◽  
Different Types ◽  
The Cost ◽  
Online Web

Cloud computing is the latest buzzword and cutting-edge technology. The cost-efficiency, easy to operate, on-demand services, availability, makes the cloud so popular. The online web applications based on the internet such as E-Healthcare, E-Commerce are moving to the cloud to reduce the operating investment cost. These applications are vulnerable to slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. This kind of attacks aims to consume the resources of the application as well as the hosting system so that to bring down the services. The various forms of the slow HTTP DDoS are HTTP header attack, HTTP body attack and HTTP read attack. Due to the nature of mimicking the slow network behaviour, this attack is very challenging to detect. This is even more difficult to identify in the cloud environment as it has multiple attack paths. Theweb applications running in the cloud should have been safeguarded from the slow HTTP DDoS attacks. This paper proposed a novel multi-stage zone-based classification model to identify, mitigate and prevent the slow HTTP DDoS attacks in the cloud environment. The solution is implemented using the OpenStack cloud environment. The open-source slowHTTPTest tool is used to generate different types of slow HTTP DDoS attacks.

scholarly journals Detection System of HTTP DDoS Attacks in a Cloud Environment Based on Information Theoretic Entropy and Random Forest

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Mohamed Idhammad ◽  
Karim Afdel ◽  
Mustapha Belouch
Keyword(s):  
Random Forest ◽  
Network Traffic ◽  
Learning Algorithm ◽  
Detection System ◽  
Cloud Services ◽  
Detection Accuracy ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Information Theoretic ◽  
Computing Services

Cloud Computing services are often delivered through HTTP protocol. This facilitates access to services and reduces costs for both providers and end-users. However, this increases the vulnerabilities of the Cloud services face to HTTP DDoS attacks. HTTP request methods are often used to address web servers’ vulnerabilities and create multiple scenarios of HTTP DDoS attack such as Low and Slow or Flooding attacks. Existing HTTP DDoS detection systems are challenged by the big amounts of network traffic generated by these attacks, low detection accuracy, and high false positive rates. In this paper we present a detection system of HTTP DDoS attacks in a Cloud environment based on Information Theoretic Entropy and Random Forest ensemble learning algorithm. A time-based sliding window algorithm is used to estimate the entropy of the network header features of the incoming network traffic. When the estimated entropy exceeds its normal range the preprocessing and the classification tasks are triggered. To assess the proposed approach various experiments were performed on the CIDDS-001 public dataset. The proposed approach achieves satisfactory results with an accuracy of 99.54%, a FPR of 0.4%, and a running time of 18.5s.

scholarly journals Mathematical model on distributed denial of service attack through Internet of things in a network

2019 ◽  
Vol 8 (1) ◽  
pp. 486-495 ◽  
Author(s):  
Bimal Kumar Mishra ◽  
Ajit Kumar Keshri ◽  
Dheeresh Kumar Mallick ◽  
Binay Kumar Mishra
Keyword(s):  
Mathematical Model ◽  
Internet Of Things ◽  
Equilibrium Points ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Denial Of Service Attack ◽  
Different Types ◽  
Service Attack ◽  
Iot Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

A Proactive Approach to Intrusion Detection in Cloud Software as a Service

2015 ◽  
pp. 287-305
Author(s):  
Baldev Singh ◽  
Surya Narayan Panda
Keyword(s):  
Cloud Computing ◽  
Virtual Machine ◽  
Cloud Security ◽  
Dynamic Threshold ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Security Measures ◽  
Malicious User ◽  
Proactive Approach ◽  
User Activities

Cloud computing environment is very much malicious intrusion prone hence cloud security is very vital. Existing network security mechanisms face new challenges in the cloud such as DDOS attacks, virtual machine intrusion attacks and malicious user activities. This chapter includes brief introduction about cloud computing, concept of virtualization, cloud security, various DDOS attacks, tools to run these attacks & various techniques to detect these attacks, review of threshold methods used for detection of DDOS attacks & abnormal network behavior and proposed dynamic threshold based algorithmic approach. Although various cloud security measures are prevailing to avoid virtual machine attacks and malicious user activities but these are not foolproof. Hence, new security methods are required to increase users' level of trust in clouds. By scrubbing traffic at major Internet points and backbone connection, a defense line is created for mitigation of DDOS attacks. Dynamic threshold algorithm based approach is proposed as a proactive approach to detect DDOS attacks for achieving secure cloud environment.

Security of the Cloud

2015 ◽  
pp. 363-404 ◽  
Author(s):  
Khalid Al-Begain ◽  
Michal Zak ◽  
Wael Alosaimi ◽  
Charles Turyagyenda
Keyword(s):  
Service Providers ◽  
Denial Of Service ◽  
Cloud Service ◽  
Future Research ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Security Attacks ◽  
Edos Attacks ◽  
Future Research Directions ◽  
Cloud Users

The chapter presents current security concerns in the Cloud Computing Environment. The cloud concept and operation raise many concerns for cloud users since they have no control of the arrangements made to protect the services and resources offered. Additionally, it is obvious that many of the cloud service providers will be subject to significant security attacks. Some traditional security attacks such as the Denial of Service attacks (DoS) and distributed DDoS attacks are well known, and there are several proposed solutions to mitigate their impact. However, in the cloud environment, DDoS becomes more severe and can be coupled with Economical Denial of Sustainability (EDoS) attacks. The chapter presents a general overview of cloud security, the types of vulnerabilities, and potential attacks. The chapter further presents a more detailed analysis of DDoS attacks' launch mechanisms and well-known DDoS defence mechanisms. Finally, the chapter presents a DDoS-Mitigation system and potential future research directions.

Security of the Cloud

2018 ◽  
pp. 1511-1554
Author(s):  
Khalid Al-Begain ◽  
Michal Zak ◽  
Wael Alosaimi ◽  
Charles Turyagyenda
Keyword(s):  
Service Providers ◽  
Denial Of Service ◽  
Cloud Service ◽  
Future Research ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Security Attacks ◽  
Edos Attacks ◽  
Future Research Directions ◽  
Cloud Users

The chapter presents current security concerns in the Cloud Computing Environment. The cloud concept and operation raise many concerns for cloud users since they have no control of the arrangements made to protect the services and resources offered. Additionally, it is obvious that many of the cloud service providers will be subject to significant security attacks. Some traditional security attacks such as the Denial of Service attacks (DoS) and distributed DDoS attacks are well known, and there are several proposed solutions to mitigate their impact. However, in the cloud environment, DDoS becomes more severe and can be coupled with Economical Denial of Sustainability (EDoS) attacks. The chapter presents a general overview of cloud security, the types of vulnerabilities, and potential attacks. The chapter further presents a more detailed analysis of DDoS attacks' launch mechanisms and well-known DDoS defence mechanisms. Finally, the chapter presents a DDoS-Mitigation system and potential future research directions.

scholarly journals Adaptive Anomaly Detection Framework Model Objects in Cyberspace

2020 ◽  
Vol 2020 ◽  
pp. 1-14
Author(s):  
Hasan Alkahtani ◽  
Theyazn H. H. Aldhyani ◽  
Mohammed Al-Yaari
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Network Security ◽  
Anomaly Detection ◽  
Denial Of Service ◽  
Learning Algorithms ◽  
Machine Learning Algorithms ◽  
Support Vector ◽  
Ddos Attacks ◽  
Framework Model

Telecommunication has registered strong and rapid growth in the past decade. Accordingly, the monitoring of computers and networks is too complicated for network administrators. Hence, network security represents one of the biggest serious challenges that can be faced by network security communities. Taking into consideration the fact that e-banking, e-commerce, and business data will be shared on the computer network, these data may face a threat from intrusion. The purpose of this research is to propose a methodology that will lead to a high level and sustainable protection against cyberattacks. In particular, an adaptive anomaly detection framework model was developed using deep and machine learning algorithms to manage automatically-configured application-level firewalls. The standard network datasets were used to evaluate the proposed model which is designed for improving the cybersecurity system. The deep learning based on Long-Short Term Memory Recurrent Neural Network (LSTM-RNN) and machine learning algorithms namely Support Vector Machine (SVM), K-Nearest Neighbor (K-NN) algorithms were implemented to classify the Denial-of-Service attack (DoS) and Distributed Denial-of-Service (DDoS) attacks. The information gain method was applied to select the relevant features from the network dataset. These network features were significant to improve the classification algorithm. The system was used to classify DoS and DDoS attacks in four stand datasets namely KDD cup 199, NSL-KDD, ISCX, and ICI-ID2017. The empirical results indicate that the deep learning based on the LSTM-RNN algorithm has obtained the highest accuracy. The proposed system based on the LSTM-RNN algorithm produced the highest testing accuracy rate of 99.51% and 99.91% with respect to KDD Cup’99, NSL-KDD, ISCX, and ICI-Id2017 datasets, respectively. A comparative result analysis between the machine learning algorithms, namely SVM and KNN, and the deep learning algorithms based on the LSTM-RNN model is presented. Finally, it is concluded that the LSTM-RNN model is efficient and effective to improve the cybersecurity system for detecting anomaly-based cybersecurity.

A Novel Approach to Develop and Deploy Preventive Measures for Different Types of DDoS Attacks

2020 ◽  
Vol 14 (2) ◽  
pp. 1-19
Author(s):  
Khundrakpam Johnson Singh ◽  
Janggunlun Haokip ◽  
Usham Sanjota Chanu
Keyword(s):  
Preventive Measures ◽  
Denial Of Service ◽  
External Environment ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
New Era ◽  
Denial Of Service Attack ◽  
Novel Approach ◽  
Different Types ◽  
Service Attack

In the new era of computers, everyone relies on the internet for basic day-to-day activities to sophisticated and secret tasks. The cyber threats are increasing, not only theft and manipulation of someone's information, but also forcing the victim to deny other requests. A DDoS (Distributed Denial of Service) attack, which is one of the serious issues in today's cyber world needs to be detected and their advance towards the server should be blocked. In the article, the authors are focusing mainly on preventive measures of different types of DDoS attacks using multiple IPtables rules and Windows firewall advance security settings configuration, which would be feasibly free on any PC. The IPtables when appropriately selected and implemented can establish a relatively secure barrier for the system and the external environment.

Comprehensive Study of Various Techniques for Detecting DDoS Attacks in Cloud Environment

2015 ◽  
Vol 8 (3) ◽  
pp. 119-126 ◽  
Author(s):  
Navdeep Singh ◽  
Abhinav Hans ◽  
Kapil Kumar ◽  
Mohit Pal Singh Birdi
Keyword(s):  
Cloud Environment ◽  
Ddos Attacks ◽  
Comprehensive Study
Sign in / Sign up

Export Citation Format

Share Document