Detecting DDoS Attacks in Cloud Computing Environment
نویسندگان
چکیده
This paper is focused on detecting and analyzing the Distributed Denial of Service (DDoS) attacks in cloud computing environments. This type of attacks is often the source of cloud services disruptions. Our solution is to combine the evidences obtained from Intrusion Detection Systems (IDSs) deployed in the virtual machines (VMs) of the cloud systems with a data fusion methodology in the front-end. Specifically, when the attacks appear, the VM-based IDS will yield alerts, which will be stored into the Mysql database placed within the Cloud Fusion Unit (CFU) of the front-end server. We propose a quantitative solution for analyzing alerts generated by the IDSs, using the Dempster-Shafer theory (DST) operations in 3-valued logic and the fault-tree analysis (FTA) for the mentioned flooding attacks. At the last step, our solution uses the Dempsters combination rule to fuse evidence from multiple independent sources.
منابع مشابه
RESCUE: Reputation based Service for Cloud User Environment
Exceptional characteristics of Cloud computing has replaced all traditional computing. With reduced resource management and without in-advance investment, it has been victorious in making the IT world to migrate towards it. Microsoft announced its office package as Cloud, which can prevent people moving from Windows to Linux. As this drift is escalating in an exponential rate, the cloud environ...
متن کاملShuffling Based Mechanism for DDoS Prevention on Cloud Environment
Cloud Computing has evolved as a new paradigm in which users can use on-demand services, according to their needs. However, security concerns are primary obstacles to a wider adoption of clouds. Newly born concepts that clouds introduced, such as multitenancy, resource sharing and outsourcing, create new challenges for the security research. DDoS (Distributed Denial of service) attack is the bi...
متن کاملThe conjectural framework for detecting DDoS attack using enhanced entropy based threshold technique (EEB-TT) in cloud environment
A major threat to cloud infrastructure network is distributed denial of service (DDoS) attacks. It makes the resources unavailable for its anticipated users, which can be accomplished through malicious virtual machines (VMs) in a hypervisor layer of cloud datacenter. Less protection in VMs leads to DDoS attacks on cloud environment. Traditional approaches used data flow based method, but that i...
متن کاملDDoS Attacks, Detection Parameters and Mitigation in Cloud Environment
Cloud computing refers to providing on demand services and computing resources via Internet. The cloud environment has many security challenges among which DDoS attcks have maximum priority. Within Cloud Security issues being dominant for the private enterprises, the denial of service attacks are rated as the highest priority threat. This paper presents a review of DDoS attacks and parameters t...
متن کاملAn Adaptive Approach to Mitigate Ddos Attacks in Cloud
Distributed denial of service (DDOS) attack constitutes one of the prominent cyber threats and among the hardest security problems in modern cyber world. This research work focuses on reviewing DDOS detection techniques and developing a numeric stable theoretical framework used for detecting various DDOS attacks in cloud. Main sections in the paper are devoted to review and analysis of algorith...
متن کامل