Home   >   CSC-OpenAccess Library   >    Manuscript Information
Full Text Available

(350.69KB)
This is an Open Access publication published under CSC-OpenAccess Policy.
New Framework to Detect and Prevent Denial of Service Attack in Cloud Computing Environment
Mohd Nazri Ismail, Abdulaziz Aborujilah, Shahrulniza Musa, AAmir Shahzad
Pages - 226 - 237     |    Revised - 15-07-2012     |    Published - 10-08-2012
Volume - 6   Issue - 4    |    Publication Date - August 2012  Table of Contents
MORE INFORMATION
KEYWORDS
Flooding Based Denial-of-service (DDoS) Attack, Honeypot, Covariance Matrix
ABSTRACT
Cloud computing paradigm as one of new concept in world of computing in general and especially in computer network, give a new facilities such as IaaS (infrastructure as service), PaaS (platform as stricter) and SaaS (software as service). All this services offered by utilization of new and old techniques such as resources sharing distributed networking, virtualization. But it still suffering from some shortages and one of the most important one is security threats. and one of the most dangers is Distributed denial-of-service (DDoS), and for overcome this threat many techniques has been proposed and most of them give more attention to one aspect either detecting or preventing or tracing the sources of attack and a few which address the attack in all its aspect. here we propose new framework to counter this attack by detect the attack using covariance matrix statistical method and determine the sources of attack using TTl Distance average and Finlay we apply a technique to eliminate attack by get benefit from the Honeypot method to block all attacks sources and transfer the legitimate traffic to another virtual machine not affected by attack.
CITED BY (8)  
1 Nagarajan, P., & Perumal, G. (2015). Detection of Denial of Service Attack in Cloud using Fuzzy Time Series Analysis and EM Algorithm. International Journal of Advancements in Computing Technology, 7(5), 25.
2 Ali Tandra, S., & Rizvi, S. M. (2014). Security for Cloud Based Services.
3 Banafar, H., & Sharma, S. Secure Cloud Environment Using Hidden Markov Model and Rule Based Generation.
4 Latif, R., Abbas, H., & Assar, S. (2014). Distributed denial of service (DDoS) attack in cloud-assisted wireless body area networks: a systematic literature review. Journal of medical systems, 38(11), 1-10.
5 Kumar Shridhar, N. G. (2014). A Prevention of DDos Attacks in Cloud Using Honeypot. International Journal of Science and Research, 3(11), 2378-2383.
6 Aishwarya, R., & Malliga, S. (2014, April). Intrusion detection system-An efficient way to thwart against Dos/DDos attack in the cloud environment. In Recent Trends in Information Technology (ICRTIT), 2014 International Conference on (pp. 1-6). IEEE.
7 Ismail, M. N., Aborujilah, A., Musa, S., & Shahzad, A. (2013, January). Detecting flooding based DoS attack in cloud computing environment using covariance matrix approach. In Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication (p. 36). ACM.
8 Chawla, I., Kaur, D., & Luthra, P. DDoS Attacks in Cloud and Mitigation Techniques.
1 Google Scholar
2 CiteSeerX
3 refSeek
4 TechRepublic
5 Scribd
6 SlideShare
7 PdfSR
1 Foster, I. and C. Kesselman, The grid: blueprint for a new computing infrastructure. 2004: Morgan Kaufmann.
2 Buyya, R., High performance cluster computing: programming and applications, vol. 2. Pre ticeHallPTR, NJ, 1999.
3 Armbrust, M., et al., A view of cloud computing. Communications of the ACM, 2010. 53(4): p. 50-58.
4 Mell, P. and T. Grance, The NIST definition of cloud computing. National Institute of Standards and Technology, 2009. 53(6): p. 50.
5 Bhardwaj, S., L. Jain, and S. Jain, Cloud computing: A study of infrastructure as a service (IAAS). International Journal of engineering and information Technology, 2010. 2(1): p. 60-63.
6 Kulkarni, G., P. Khatawkar, and J. Gambhir, Cloud Computing-Platform as Service. International Journal of Engineering. 1.
7 Kulkarni, G., J. Gambhir, and R. Palwe, Cloud Computing-Software as Service. International Journal of Cloud Computing and Services Science (IJ-CLOSER), 2012. 1(1).
8 Foster, I., et al. Cloud computing and grid computing 360-degree compared. 2008: Ieee.
9 Ngongang, G., Cloud Computing Security. 2011.
10 Subashini, S. and V. Kavitha, A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 2011. 34(1): p. 1-11.
11 Yeung, D.S., S. Jin, and X. Wang, Covariance-matrix modeling and detecting various flooding attacks. Systems, Man and Cybernetics, Part A: Systems and Humans, IEEE Transactions on, 2007. 37(2): p. 157-169.
12 Xie, Y. and S.Z. Yu, Monitoring the application-layer DDoS attacks for popular websites. Networking, IEEE/ACM Transactions on, 2009. 17(1): p. 15-25.
13 Habib, A., M. Hefeeda, and B. Bhargava. Detecting service violations and DoS attacks. 2003.
14 Leu, F., Intrusion Detection, Forecast and Traceback Against DDoS Attacks. 2009.
15 Singh, N., S. Ghrera, and P. Chaudhuri, Denial of Service Attack: Analysis of Network Traffic Anormaly using Queuing Theory. Arxiv preprint arXiv:1006.2807, 2010.
16 Lee, S., G. Kim, and S. Kim, Sequence-order-independent network profiling for detecting application layer DDoS attacks. EURASIP Journal on Wireless Communications and Networking, 2011. 2011(1): p. 1-9.
17 Gupta, B., R. Joshi, and M. Misra, Prediction of Number of Zombies in a DDoS Attack using Polynomial Regression Model. Journal of Advances in Information Technology, 2011. 2(1): p. 57-62.
18 Hao, S., et al. A queue model to detect DDos attacks. 2005: IEEE.
19 Guilbault, N. and R. Guha. Experiment setup for temporal distributed intrusion detection system on amazon's elastic compute cloud. 2009: IEEE.
20 Lo, C.C., C.C. Huang, and J. Ku. A cooperative intrusion detection system framework for cloud computing Networks. 2010: IEEE.
21 Prabha, S. and R. Anitha, Mitigation of Application Traffic DDOS Attacks with Trust and Am Based Hmm Models. International Journal of Computer Applications IJCA, 2010. 6(9): p. 26-34.
22 Chang, R.K.C., Defending against flooding-based distributed denial-of-service attacks: A tutorial. Communications Magazine, IEEE, 2002. 40(10): p. 42-51.
23 Kong, J., et al. Random flow network modeling and simulations for DDoS attack mitigation. 2003: IEEE.
24 Hu, Y.H., H. Choi, and H.A. Choi. Packet filtering to defend flooding-based DDoS attacks [Internet denial-of-service attacks]. 2004: IEEE.
25 Wuu, L.C., et al. A practice of the intrusion prevention system. 2007: IEEE.
26 Choi, Y.S., et al. Integrated DDoS attack defense infrastructure for effective attack prevention. 2010: IEEE.
27 Chao-yang, Z. DOS Attack Analysis and Study of New Measures to Prevent. 2011: IEEE.
28 Lamping, U. and E. Warnicke, Wireshark User's Guide. Interface, 2004. 4: p. 6.
29 Roesch, M. Snort-lightweight intrusion detection for networks. 1999: Seattle, Washington.
30 Wang, H., C. Jin, and K.G. Shin, Defense against spoofed IP traffic using hop-count filtering. IEEE/ACM Transactions on Networking (TON), 2007. 15(1): p. 40-53.
31 Nunez, A., et al. Design of a flexible and scalable hypervisor module for simulating cloud computing environments. 2011: IEEE.
Mr. Mohd Nazri Ismail
- Malaysia
Mr. Abdulaziz Aborujilah
- Malaysia
azizhadi1981@gmail.com
Mr. Shahrulniza Musa
- Malaysia
Dr. AAmir Shahzad
- Malaysia