scholarly journals Performance Analysis of an Effective Approach to Protect Cloud Systems against Application Layer Based Attacks

2019 ◽  
Vol 15 (03) ◽  
pp. 82
Author(s):  
Hosam F. El-Sofany ◽  
Samir Abou El-Seoud
Keyword(s):  
Cloud Computing ◽  
Web Applications ◽  
Complexity Analysis ◽  
Denial Of Service ◽  
Ddos Attacks ◽  
Application Layer ◽  
Analysis Model ◽  
New Paradigm ◽  
Dos Attacks ◽  
Web Based

Cloud computing is a new paradigm for hosting hardware and software resources and provides a web-based services to organizations and consumers. It also provides an easy to use and on-demand access to cloud based computing resources that can be published by easy, minimal administration and with a great efficiency. Services of cloud computing are accessing and sharing through internet connection thus it is open for attacker to attack on its security. Application layer based attacks is one of Distributed Denial of Service attacks (DDoS) that can cause a big problem in cloud security. The main objective of DDoS attacks is to infect computer resources (e.g., software applications, network, CPU, etc.) and make them not working properly for the authorized users. In DDoS, the attacker tries to overload the web-based service with traffic. HTTP and XML-based DDoS attacks are founded under the application layer based category of DoS attacks. This category of attack is focused on particular web applications. The main objective of this research paper is to introduce an effective approach to protect cloud-based systems against application layer based attacks. Complexity analysis, effectiveness and performance evaluations of the presented approach are presented.  The feedbacks of the experimental results were highly promising, for protecting cloud computing systems against both DoS and DDoS attacks. Correlation analysis model is also used to validate the efficiency of the proposed approach.

HULK and DDoS Attacks in Web Applications with Detection Mechanism

2018 ◽  
Vol 6 (6) ◽  
pp. 192
Author(s):  
Amit Sharma
Keyword(s):  
Web Applications ◽  
Denial Of Service ◽  
Single Server ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Application Layer ◽  
Detection Mechanism ◽  
Plan Execution ◽  
Social Affair ◽  
Server Application

Distributed Denial of Service attacks are significant dangers these days over web applications and web administrations. These assaults pushing ahead towards application layer to procure furthermore, squander most extreme CPU cycles. By asking for assets from web benefits in gigantic sum utilizing quick fire of solicitations, assailant robotized programs use all the capacity of handling of single server application or circulated environment application. The periods of the plan execution is client conduct checking and identification. In to beginning with stage by social affair the data of client conduct and computing individual user’s trust score will happen and Entropy of a similar client will be ascertained. HTTP Unbearable Load King (HULK) attacks are also evaluated. In light of first stage, in recognition stage, variety in entropy will be watched and malevolent clients will be recognized. Rate limiter is additionally acquainted with stop or downsize serving the noxious clients. This paper introduces the FAÇADE layer for discovery also, hindering the unapproved client from assaulting the framework.

Multi-Aspect DDOS Detection System for Securing Cloud Network

2019 ◽  
pp. 1952-1983
Author(s):  
Pourya Shamsolmoali ◽  
Masoumeh Zareapoor ◽  
M.Afshar Alam
Keyword(s):  
Cloud Computing ◽  
Detection System ◽  
Denial Of Service ◽  
Complex Form ◽  
Internet Security ◽  
Detection Methods ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Ddos Detection ◽  
Cloud Network

Distributed Denial of Service (DDoS) attacks have become a serious attack for internet security and Cloud Computing environment. This kind of attacks is the most complex form of DoS (Denial of Service) attacks. This type of attack can simply duplicate its source address, such as spoofing attack, which defending methods do not able to disguises the real location of the attack. Therefore, DDoS attack is the most significant challenge for network. In this chapter we present different aspect of security in Cloud Computing, mostly we concentrated on DDOS Attacks. The Authors illustrated all types of Dos Attacks and discussed the most effective detection methods.

Multi-Aspect DDOS Detection System for Securing Cloud Network

2017 ◽  
pp. 222-252
Author(s):  
Pourya Shamsolmoali ◽  
Masoumeh Zareapoor ◽  
M.Afshar Alam
Keyword(s):  
Cloud Computing ◽  
Detection System ◽  
Denial Of Service ◽  
Complex Form ◽  
Internet Security ◽  
Detection Methods ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Ddos Detection ◽  
Cloud Network

Distributed Denial of Service (DDoS) attacks have become a serious attack for internet security and Cloud Computing environment. This kind of attacks is the most complex form of DoS (Denial of Service) attacks. This type of attack can simply duplicate its source address, such as spoofing attack, which defending methods do not able to disguises the real location of the attack. Therefore, DDoS attack is the most significant challenge for network. In this chapter we present different aspect of security in Cloud Computing, mostly we concentrated on DDOS Attacks. The Authors illustrated all types of Dos Attacks and discussed the most effective detection methods.

scholarly journals SOFT COMPUTING BASED AUTONOMOUS LOW RATE DDOS ATTACK DETECTION AND SECURITY FOR CLOUD COMPUTING

2019 ◽  
Vol 2019 (2) ◽  
pp. 80-90 ◽  
Author(s):  
Mugunthan S. R.
Keyword(s):  
Cloud Computing ◽  
Soft Computing ◽  
High Speed ◽  
Denial Of Service ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Counter Measures ◽  
Cloud Architecture ◽  
Ddos Attack Detection ◽  
Low Rate

The fundamental advantage of the cloud environment is its instant scalability in rendering the service according to the various demands. The recent technological growth in the cloud computing makes it accessible to people from everywhere at any time. Multitudes of user utilizes the cloud platform for their various needs and store their complete details that are personnel as well as confidential in the cloud architecture. The storage of the confidential information makes the cloud architecture attractive to its hackers, who aim in misusing the confidential/secret information’s. The misuse of the services and the resources of the cloud architecture has become a common issue in the day to day usage due to the DDOS (distributed denial of service) attacks. The DDOS attacks are highly mature and continue to grow at a high speed making the detecting and the counter measures a challenging task. So the paper uses the soft computing based autonomous detection for the Low rate-DDOS attacks in the cloud architecture. The proposed method utilizes the hidden Markov Model for observing the flow in the network and the Random forest in classifying the detected attacks from the normal flow. The proffered method is evaluated to measure the performance improvement attained in terms of the Recall, Precision, specificity, accuracy and F-measure.

Auditing Defense Against XSS Worms in Online Social Network-Based Web Applications

2018 ◽  
pp. 879-909
Author(s):  
Pooja Chaudhary ◽  
Shashank Gupta ◽  
B. B. Gupta
Keyword(s):  
Social Network ◽  
Cyber Security ◽  
Web Applications ◽  
Online Social Network ◽  
Denial Of Service ◽  
Future Research ◽  
Ddos Attacks ◽  
Research Guidelines ◽  
High Level ◽  
Precise Interpretation

Nowadays, users of Online Social Network (OSN) are less familiar with cyber security threats that occur in such networks, comprising Cross-Site Scripting (XSS) worms, Distributed Denial of Service (DDoS) attacks, Phishing, etc. Numerous defensive methodologies exist for mitigating the effect of DDoS attacks and Phishing vulnerabilities from OSN. However, till now, no such robust defensive solution is proposed for the complete alleviation of XSS worms from such networks. This chapter discusses the detailed incidences of XSS attacks in the recent period on the platforms of OSN. A high level of taxonomy of XSS worms is illustrated in this article for the precise interpretation of its exploitation in multiple applications of OSN like Facebook, Twitter, LinkedIn, etc. We have also discussed the key contributions of current defensive solutions of XSS attacks on the existing platforms of OSN. Based on this study, we identified the current performance issues in these existing solutions and recommend future research guidelines.

Auditing Defense against XSS Worms in Online Social Network-Based Web Applications

2016 ◽  
pp. 216-245 ◽  
Author(s):  
Pooja Chaudhary ◽  
Shashank Gupta ◽  
B. B. Gupta
Keyword(s):  
Social Network ◽  
Cyber Security ◽  
Web Applications ◽  
Online Social Network ◽  
Denial Of Service ◽  
Future Research ◽  
Ddos Attacks ◽  
Research Guidelines ◽  
High Level ◽  
Precise Interpretation

Nowadays, users of Online Social Network (OSN) are less familiar with cyber security threats that occur in such networks, comprising Cross-Site Scripting (XSS) worms, Distributed Denial of Service (DDoS) attacks, Phishing, etc. Numerous defensive methodologies exist for mitigating the effect of DDoS attacks and Phishing vulnerabilities from OSN. However, till now, no such robust defensive solution is proposed for the complete alleviation of XSS worms from such networks. This chapter discusses the detailed incidences of XSS attacks in the recent period on the platforms of OSN. A high level of taxonomy of XSS worms is illustrated in this article for the precise interpretation of its exploitation in multiple applications of OSN like Facebook, Twitter, LinkedIn, etc. We have also discussed the key contributions of current defensive solutions of XSS attacks on the existing platforms of OSN. Based on this study, we identified the current performance issues in these existing solutions and recommend future research guidelines.

Mitigate DoS and DDoS Attack in Mobile Ad Hoc Networks

2011 ◽  
Vol 3 (1) ◽  
pp. 14-36 ◽  
Author(s):  
Antonis Michalas ◽  
Nikos Komninos ◽  
Neeli R. Prasad
Keyword(s):  
Game Theory ◽  
Ad Hoc Networks ◽  
Ad Hoc Network ◽  
Ad Hoc ◽  
Denial Of Service ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Mobile Ad Hoc ◽  
Hoc Networks ◽  
Cryptographic Puzzles

This paper proposes a technique to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks in Ad Hoc Networks. The technique is divided into two main parts and with game theory and cryptographic puzzles. Introduced first is a new client puzzle to prevent DoS attacks in such networks. The second part presents a multiplayer game that takes place between the nodes of an ad hoc network and based on fundamental principles of game theory. By combining computational problems with puzzles, improvement occurs in the efficiency and latency of the communicating nodes and resistance in DoS and DDoS attacks. Experimental results show the effectiveness of the approach for devices with limited resources and for environments like ad hoc networks where nodes must exchange information quickly.

TRAWLING TRAFFIC UNDER ATTACK OVERCOMING DDoS ATTACKS BY TARGET-CONTROLLED TRAFFIC FILTERING

2011 ◽  
Vol 22 (05) ◽  
pp. 1073-1098
Author(s):  
SHLOMI DOLEV ◽  
YUVAL ELOVICI ◽  
ALEX KESSELMAN ◽  
POLINA ZILBERMAN
Keyword(s):  
Denial Of Service ◽  
The Internet ◽  
Traffic Classification ◽  
Classification Rules ◽  
Ddos Attacks ◽  
Dos Attack ◽  
Dos Attacks ◽  
Worst Case ◽  
Filtering Algorithm ◽  
Internet Community

As more and more services are provided by servers via the Internet, Denial-of-Service (DoS) attacks pose an increasing threat to the Internet community. A DoS attack overloads the target server with a large volume of adverse requests, thereby rendering the server unavailable to "well-behaved" users. In this paper, we propose two algorithms that allow attack targets to dynamically filter their incoming traffic based on a distributed policy. The proposed algorithms defend the target against DoS and distributed DoS (DDoS) attacks and simultaneously ensure that it continues to serve "well-behaved" users. In a nutshell, a target can define a filtering policy which consists of a set of traffic classification rules and the corresponding amounts of traffic for each rule. A filtering algorithm is enforced by the ISP's routers when a target is being overloaded with traffic. The goal is to maximize the amount of filtered traffic forwarded to the target, according to the filtering policy, from the ISP. The first proposed algorithm is a collaborative algorithm which computes and delivers to the target the best possible traffic mix in polynomial time. The second algorithm is a distributed non-collaborative algorithm for which we prove a lower bound on the worst-case performance.

scholarly journals Adaptive Learning and Automatic Filtering of Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environment

2019 ◽  
Vol 9 (1S3) ◽  
pp. 200-205
Keyword(s):  
Cloud Computing ◽  
Adaptive Learning ◽  
Denial Of Service ◽  
Cloud Services ◽  
Detection Accuracy ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Automatic Filtering

Distributed Denial of Service (DDoS) attacks has become the most powerful cyber weapon to target the businesses that operate on the cloud computing environment. The sophisticated DDoS attack affects the functionalities of the cloud services and affects its core capabilities of cloud such as availability and reliability. The current intrusion detection system (IDS) must cope with the dynamicity and intensity of immense traffic at the cloud hosted applications and the security attack must be inspected based on the attack flow characteristics. Hence, the proposed Adaptive Learning and Automatic Filtering of Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environment is designed to adapt with varying kind of protocol attacks using misuse detection. The system is equipped with custom and threshold techniques that satisfies security requirements and can identify the different DDoS security attacks. The proposed system provides promising results in detecting the DDoS attacks in cloud environment with high detection accuracy and good alert reduction. Threshold method provides 98% detection accuracy with 99.91%, 99.92% and 99.94% alert reduction for ICMP, UDP and TCP SYN flood attack. The defense system filters the attack sources at the target virtual instance and protects the cloud applications from DDoS attacks.

Sign in / Sign up

Export Citation Format

Share Document