Abstract
Security of cloud services is of utmost importance for contemporary cloud providers. In addition to the traditional malicious attacks that have targeted cloud datacenters in the past, new and persistent threats have changed the landscape of cyber-attacks in recent times. Economic Denial of Sustainability (EDoS) attacks are one of such variant attack types with serious implications and consequences. Such attacks exploit the scalability and elasticity characteristics of the cloud to enforce unwanted resource allocation with the aim of causing economic losses to the cloud service owner. In this paper, we present an experimental study to evaluate the effectiveness of the popular EDoS-Shield technique which is designed to mitigate EDoS attacks. The effectiveness of EDoS-Shield is studied in terms of the needed VM compute resources, response time, and CPU utilization.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Fox A., Griffith R., Joseph A., Katz R., Konwinski A., Lee G., Patterson D., Rabkin A., Stoica I.: Above the clouds: a Berkeley view of cloud computing. Dep. Electr. Eng. Comput. Sci. Univ. Calif. Berkeley Rep. UCBEECS 28, 13 (2009)
Mell P., Grance T.: The NIST definition of cloud computing. Natl. Inst. Stand. Technol. 53(6), 50 (2009)
IDC eXchange? “Blog Archive?” New IDC IT Cloud Services Survey: Top Benefits and Challenges
Baig Z., Salah K.: Multi-agent pattern recognition mechanism for detecting distributed denial of service attacks. IET Inf. Secur. 4(1), 333–343 (2010)
Hoff, C.: The economic denial of sustainability concept. http://rationalsecurity.typepad.com/blog/2008/11/index.html
Sqalli, M.H.; Al-Haidari, F.; Salah, K.: EDoS-shield-a two-steps mitigation technique against edos attacks in cloud computing. In: 2011 Fourth IEEE International Conference on Utility and Cloud Computing (UCC), pp. 49–56 (2011)
VivinSandar S., Shenai S.: Economic denial of sustainability (edos) in cloud services using http and xml based ddos attacks. Int. J. Comput. Appl. 41(20), 11–16 (2012)
Khor, S.H.; Nakao, A.: Spow: on-demand cloud-based eddos mitigation mechanism. In: HotDep (Fifth Workshop on Hot Topics in System Dependability) (2009)
Saini, B.; Somani, G.: Index page based EDoS attacks in infrastructure cloud. In: Recent Trends in Computer Networks and Distributed Systems Security, pp. 382–395 (2014)
Salah K., Kahtani A.: Performance evaluation comparison of snort NIDS under Linux and Windows Server. Int. J. Netw. Comput. Appl. 33(1), 6–15 (2010)
Kumar, M.N.; Sujatha, P.; Kalva, V.; Nagori, R.; Katukojwala, A.K.; Kumar, M.: Mitigating economic denial of sustainability (EDoS) in cloud computing using in-cloud scrubber service. In: 2012 Fourth International Conference on Computational Intelligence and Communication Networks (CICN), pp. 535–539 (2012)
Yu, S.; Tian, Y.; Guo, S.; Wu, D.: Can we beat DDoS attacks in clouds? IEEE Trans. Parallel Distributed Sys. 25(9), 2245–2254 (2014)
Salah, K.; El-Badawi, K.: Performance evaluation of interrupt-driven kernels in gigabit networks. In: Proceedings of the 2003 IEEE Conference on Global Telecommunications, (IEEE GLOBECOM 2003), San Francisco, USA, pp. 3953-3957, 1–5 Dec (2003)
Alosaimi, W.; Al-Begain, K.: A new method to mitigate the impacts of the economical denial of sustainability attacks against the cloud. In: Proceedings of the 14th Annual Post Graduates Symposium on the convergence of Telecommunication, Networking and Broadcasting (PGNet), pp. 116–121 (2013)
Al-Haidari, F.; Sqalli, M.H.; Salah, K.: Enhanced EDoS-Shield for mitigating EDoS attacks originating from spoofed IP addresses. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 1167–1174 (2012)
Al-Haidari F., Sqalli M.H., Salah K.: Evaluation of the Impact of EDoS Attacks Against Cloud Computing Services. Arab. J. Sci. Eng. 40, 773–785 (2015)
Somani, G.; Gaur, M.; Sanghi, D.: DDoS/EDoS attack in cloud: affecting everyone out there!. In: SIN (2015)
Masood, M.; Anwar, Z.; Raza, S.; Hur, M.: EDoS armor: a cost effective economic denial of sustainability attack mitigation framework for e-commerce applications in cloud environments. In: 2013 16th International Multi Topic Conference (INMIC) (2013)
Alosaimi, W.; Al-Begain, K.: An enhanced economical denial of sustainability mitigation system for the cloud. In: 2013 Seventh International Conference on Next Generation Mobile Apps, Services and Technologies (NGMAST), pp. 19–25 (2013)
CloudPlatform—Cloud Orchestration to support Infrastructure-as-a-Service. http://www.citrix.com/content/citrix/en_us/products/cloudplatform/overview.html
Citrix XenServer—Efficient Server Virtualization Software. http://www.citrix.com/content/citrix/en_us/products/xenserver/overview.html
CentOS—The Community ENTerprise Operating System. http://www.centos.org/
Apache HTTP Server. http://httpd.apache.org/
NetScaler Application Delivery Controller–Application security and cloud scalability. http://www.citrix.com/content/citrix/en_us/products/netscaler-application-delivery-controller/overview.html
Apache JMeter. http://jmeter.apache.org/
Custom Plugins for Apache JMeter. JMeter-Plugins.org. http://jmeter-plugins.org/
netfilter—firwalling, NAT, and packet mangling for linux. http://www.netfilter.org/
WampServer. http://www.wampserver.com/en/
Secureimage—PHP CAPTCHA. http://www.phpcaptcha.org/
XenCenter. http://www.xenserver.org/overview-xenserver-open-source-virtualization/download.html
Firebug. http://getfirebug.com/
000Webhost.com. http://www.000webhost.com/templates/Games/template_45
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Alsowail, S., Sqalli, M.H., Abu-Amara, M. et al. An Experimental Evaluation of the EDoS-Shield Mitigation Technique for Securing the Cloud. Arab J Sci Eng 41, 5037–5047 (2016). https://doi.org/10.1007/s13369-016-2210-7
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13369-016-2210-7