Prevention of Vulnerable Virtual Machines against DDOS Attacks in the Cloud

Cloud Security is one amongst most significant problems that have attracted plenty of analysis and development effort in past few years. Notably, attackers will explore vulnerabilities of a cloud system and compromise virtual machines to deploy additional large-scale Distributed Denial-of-Service (DDoS). DDoS attacks sometimes involve early stage actions like multi-step exploitation, low frequency vulnerability scanning, and compromising identified vulnerable virtual machines as zombies, and at last DDoS attacks through the compromised zombies. Among the cloud system, particularly the Infrastructure-asa-Service (IaaS) clouds, the detection of zombie exploration attacks is extremely troublesome. This can be as a result of cloud users could install vulnerable applications on their virtual machines. To stop vulnerable virtual machines from being compromised within the cloud, we tend to propose a multi-phase distributed vulnerability detection, measurement, and countermeasure selection mechanism known as NICE, that is built on attack graph primarily based analytical models and reconfigurable virtual network-based countermeasures. KeywordsCloud Security, Cloud Attacks, Distributed Denial of Service Attack, NICE, Attack graph model