Skip to main content
SpringerLink
Log in

A Survey on the Impact of DDoS Attacks in Cloud Computing: Prevention, Detection and Mitigation Techniques

  • Conference paper
  • First Online:
Intelligent Communication Technologies and Virtual Mobile Networks (ICICV 2019)

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies ((LNDECT,volume 33))

Included in the following conference series:

Abstract

In recent years, cloud services are emerging popular among the public and business ventures. Most of companies are trusting on cloud computing technology for production tasks. Distributed Denial of Service (DDoS) attack is a major general and critical type of attack on the cloud that proved extremely damaging the services. In current years, several efforts have been taken to identify the numerous types of DDoS attacks. This paper explains the various types of DDoS attack and its consequence in cloud computing. Also, this paper provides the various impacts of DDoS attack on cloud environment. The main goal of this paper is to discuss about prevention, detection and mitigation approaches of DDoS attacks on cloud environment with strengths, challenges and limitations of each approach. So that researchers can gets completely novel intuitive understanding into how to alleviate DDoS attacks in the field of cloud computing.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. NIST: The NIST Definition of Cloud Computing (2011). http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

  2. Kaufman, L.M.: Data security in the world of cloud computing. IEEE Secur. Priv. 7(4), 61–64 (2009). https://doi.org/10.1109/MSP.2009.87

    Article  Google Scholar 

  3. Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583–592 (2012). https://doi.org/10.1016/j.future.2010.12.006

    Article  Google Scholar 

  4. Mirkovic, J., Reiher, P.: A Taxonomy of DDoS attack and DDoS defense mechanisms. SIGCOMM Comput. Commun. Rev. 34(2), 39–53 (2004). https://doi.org/10.1145/997150.997156

    Article  Google Scholar 

  5. Mansfield-Devine, S.: The growth and evolution of DDoS. Netw. Secur. 10, 13–20 (2015)

    Article  Google Scholar 

  6. Kaspersky Labs, Global IT Security Risks Survey 2014 - Distributed Denial of Service (DDoS) Attacks (2014). http://media.kaspersky.com/en/B2B-International-2014-Survey-DDoS-Summary-Report.pdf

  7. Nelson, P.: Cybercriminals Moving into Cloud Big Time, Report Says (2015). http://www.networkworld.com/article/2900125/malwarecybercrime/criminals-/moving-into-cloud-big-time-says-report.html

  8. Somani, G., et al.: DDoS attacks in cloud computing: issues, taxonomy, and future directions (2015). arXiv preprint: arXiv:1512.08187

  9. Shameli-Sendi, A., et al.: Taxonomy of distributed denial of service mitigation approaches for cloud computing. J. Netw. Comput. Appl. 58, 165–179 (2015). https://doi.org/10.1016/j.jnca.2015.09.005

    Article  Google Scholar 

  10. Deshmukh, R.V., Devadkar, K.K.: Understanding DDoS attack & its effect in a cloud environment. Procedia Comput. Sci. 49, 202–210 (2015)

    Article  Google Scholar 

  11. Akamai Technologies, Akamai’s State of the Internet Q4 2013 Executive Summary 6(4) (2013). http://www.akamai.com/dl/akamai/akamai-soti-q413-exec-summary.pdf

  12. Neustar News, DDoS Attacks and Impact Report Finds Unpredictable DDoS Landscape (2014). http://www.neustar.biz/aboutus/news-room/press-releases/2014/neustar-2014-ddosattacks-and-impact-report-finds-unpredictable-ddos-/landscape#.U33B_nbzdsV

  13. P. Technologies (2014). http://www.prolexic.com/

  14. Arbor Networks, Understanding the nature of DDoS attacks (2014). http://www.arbornetworks.com/asert/2012/09/understandingthe-nature-of-ddos-attacks/

  15. Tripwire-New Research Shows Global DDoS Attacks Grew 90% in Q4 2014 (2014). https://www.tripwire.com/state-of-security/latest-security-news/new-research-shows-global-ddos-attacks-grew-90-in-q4-2014/

  16. Abliz, M.: Internet Denial of Service Attacks and defence Mechanisms, University of Pittsburgh, Department of Computer Science, Technical report. TR-11-178 (2011)

    Google Scholar 

  17. Shin, S., Yegneswaran, V., Porras, P., Gu, G.: AVANT-GUARD: scalable and vigilant switch ow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 413–424 (2013)

    Google Scholar 

  18. Shameli-Sendi, A., Dagenais, M.: ARITO: cyber-attack response system using accurate risk impact tolerance. Int. J. Inf. Secur. (2013). https://doi.org/10.1007/s10207-013-0222-9

    Article  Google Scholar 

  19. Shameli-Sendi, A., Ezzati-Jivan, N., Jabbarifar, M., Dagenais, M.: Intrusion response systems: survey and taxonomy. Int. J. Comput. Sci. Netw. Secur. 12(1), 1–14 (2012)

    Google Scholar 

  20. Walfish, M., Vutukuru, M., Balakrishnan, H., Karger, D., Shenker, S.: DDoS defence by offense. ACM Trans. Comput. Syst. (TOCS) 28(1), 1–54 (2010). Article 3

    Article  Google Scholar 

  21. Zargar, S.T., Joshi, J., Tipper, D.: A survey of defence mechanisms against Distributed Denial of Service (DDoS) flooding attacks. IEEE Commun. Surv. Tutor. 99, 1–24 (2013)

    Google Scholar 

  22. PC World. http://www.pcworld.com/article/2035407/ddos-attacks-have-increased-in-number-and-size-this-year-report-says.html

  23. Khor, S.H., Nakao, A.: sPoW: on-demand cloud-based EDDoS mitigation mechanism. In: HotDep (Fifth Workshop on Hot Topics in System Dependability) (2009)

    Google Scholar 

  24. Kumar, M.N., Sujatha, P., Kalva, V., Nagori, R., Katukojwala, A.K., Kumar, M.: Mitigating Economic Denial of Sustainability (EDoS) in cloud computing using in-cloud scrubber service. In: Proceedings of the 2012 Fourth International Conference on Computational Intelligence and Communication Networks, CICN 2012, Washington, DC, USA, pp. 535–539. IEEE Computer Society (2012). https://doi.org/10.1109/CICN.2012.149

  25. Al-Haidari, F., Sqalli, M.H., Salah, K.: Enhanced EDoS-Shield for mitigating EDoS attacks originating from spoofed IP addresses. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 1167–1174. IEEE (2012)

    Google Scholar 

  26. Sqalli, M.H., Al-Haidari, F., Salah, K.: EDoS-Shield - a two-steps mitigation technique against EDoS attacks in cloud computing. In: 2011 Fourth IEEE International Conference on Utility and Cloud Computing (UCC), pp. 49–56. IEEE (2011)

    Google Scholar 

  27. Alosaimi, W., Al-Begain, K.: A new method to mitigate the impacts of the economical denial of sustainability attacks against the cloud. In: Proceedings of the 14th Annual Post Graduates Symposium on the Convergence of Telecommunication, Networking and Broadcasting (PGNet), pp. 116–121 (2013)

    Google Scholar 

  28. Wang, H., Jia, Q., Fleck, D., Powell, W., Li, F., Stavrou, A.: A moving target DDoS defense mechanism. Comput. Commun. 46, 10–21 (2014)

    Article  Google Scholar 

  29. Karnwal, T., Sivakumar, T., Aghila, G.: A comber approach to protect cloud computing against XML DDoS and HTTP DDoS attack. In: 2012 IEEE Students’ Conference on Electrical, Electronics and Computer Science (SCEECS), pp. 1–5. IEEE (2012)

    Google Scholar 

  30. Anderson, T., Roscoe, T., Wetherall, D.: Preventing internet Denial-of-Service with capabilities. ACM SIGCOMM Comput. Commun. Rev. 34(1), 39–44 (2004)

    Article  Google Scholar 

  31. Masood, M., Anwar, Z., Raza, S.A., Hur, M.A.: EDoS Armor: a cost effective economic denial of sustainability attack mitigation framework for E-commerce applications in cloud environments. In: 2013 16th International Multi Topic Conference (INMIC), pp. 37–42 (2013). https://doi.org/10.1109/INMIC.2013.6731321

  32. Jia, Q., Wang, H., Fleck, D., Li, F., Stavrou, A., Powell, W.: Catch Me if You Can: a cloud-enabled DDoS defense. In: 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 264–275. IEEE (2014)

    Google Scholar 

  33. Jeyanthi, N., Mogankumar, P.: A virtual firewall mechanism using army nodes to protect cloud infrastructure from DDoS attacks. Cybern. Inf. Technol. 14(3), 71–85 (2014)

    Google Scholar 

  34. Baig, Z.A., Binbeshr, F.: Controlled virtual resource access to mitigate Economic Denial of Sustainability (EDoS) attacks against cloud infrastructures. In: Proceedings of the 2013 International Conference on Cloud Computing and Big Data, CLOUDCOM-ASIA 2013, Washington, DC, USA, pp. 346–353. IEEE Computer Society (2013). https://doi.org/10.1109/CLOUDCOM-ASIA.2013.51

  35. Saini, B., Somani, G.: Index page based EDoS attacks in infrastructure cloud. In: International Conference on Security in Computer Networks and Distributed Systems, pp. 382–395. Springer, Heidelberg (2014)

    Google Scholar 

  36. Idziorek, J., Tannian, M., Jacobson, D.: Detecting fraudulent use of cloud resources. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security, pp. 61–72. ACM (2011)

    Google Scholar 

  37. Ismail, M.N., Aborujilah, A., Musa, S., Shahzad, A.: Detecting flooding based DoS attack in cloud computing environment using covariance matrix approach. In: Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, p. 36. ACM (2013)

    Google Scholar 

  38. Feinstein, L., Schnackenberg, D., Balupari, R., Kindred, D.: Statistical approaches to DDoS attack detection and response. In: Proceedings of the DARPA Information Survivability Conference and Exposition, vol. 1, pp. 303–314. IEEE (2003)

    Google Scholar 

  39. Shamsolmoali, P., Zareapoor, M.: Statistical-based filtering system against DDoS attacks in cloud computing. In: 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI 2014), pp. 1234–1239. IEEE (2014)

    Google Scholar 

  40. Gómez-Lopera, J.F., Martínez-Aroza, J., Robles-Pérez, A.M., Román-Roldán, R.: An analysis of edge detection by using the Jensen-Shannon divergence. J. Math. Imaging Vis. 13(1), 35–56 (2000)

    Article  MathSciNet  Google Scholar 

  41. Templeton, S.J., Levitt, K.E.: Detecting spoofed packets. In: Proceedings of the DARPA Information Survivability Conference and Exposition, vol. 1, pp. 164–175. IEEE (2003)

    Google Scholar 

  42. Chen, Q., Lin, W., Dou, W., Yu, S.: CBF: a packet filtering method for DDoS attack defense in cloud environment. In: IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing (DASC), pp. 427–434. IEEE (2011)

    Google Scholar 

  43. Jeyanthi, N., Iyengar, N.C.S., Kumar, P.M., Kannammal, A.: An enhanced entropy approach to detect and prevent DDoS in Cloud environment. Int. J. Commun. Netw. Inf. Secur. (IJCNIS) 5(2), 110 (2013)

    Google Scholar 

  44. Vissers, T., Somasundaram, T.S., Pieters, L., Govindarajan, K., Hellinckx, P.: DDoS defense system for web services in a cloud environment. Future Gener. Comput. Syst. 37, 37–45 (2014)

    Article  Google Scholar 

  45. Latanicki, J., Massonet, P., Naqvi, S., Rochwerger, B., Villari, M.: Scalable cloud defenses for detection, analysis and mitigation of DDoS attacks. In: Future Internet Assembly, pp. 127–137 (2010)

    Google Scholar 

  46. Li, B., Niu, W., Xu, K., Zhang, C., Zhang, P.: You cant hide: a novel methodology to defend DDoS attack based on but cloud. In: Applications and Techniques in Information Security. Communications in Computer and Information Science, pp. 203–214. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

  47. Graham, M., Adrian, W., Erika, S.-V.: Botnet detection within cloud service provider networks using flow protocols. In: 2015 IEEE 13th International Conference on Industrial Informatics (INDIN), pp. 1614–1619. IEEE (2015)

    Google Scholar 

  48. Badis, H., Doyen, G., Khatoun, R.: A collaborative approach for a source-based detection of but clouds. In: 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), pp. 906–909. IEEE (2015)

    Google Scholar 

  49. Mohammad, R.M., Mauro, C., Ville, L.: EyeCloud: a BotCloud detection system. In: Proceedings of the 5th IEEE International Symposium on Trust and Security in Cloud Computing (IEEE TSCloud 2015), Helsinki, Finland. IEEE (2015)

    Google Scholar 

  50. Yu, S., Tian, Y., Guo, S., Wu, D.O.: Can we beat DDoS attacks in clouds? IEEE Trans. Parallel Distrib. Syst. 25(9), 2245–2254 (2014)

    Article  Google Scholar 

  51. Yossi, G., Amir, H., Michael, S., Michael, G.: CDN-on-Demand: an affordable DDoS defense via un-trusted clouds. In: Network and Distributed System Security Symposium (NDSS) (2016)

    Google Scholar 

  52. Somani, G., Gaur, M.S., Sanghi, D., Conti, M., Buyya, R.: Service resizing for quick DDoS mitigation in cloud computing environment. Ann. Telecommun. 72(5–6), 237–252 (2016)

    Google Scholar 

  53. Somani, G., Gaur, M.S., Sanghi, D., Conti, M., Rajarajan, M.: DDoS victim service containment to minimize the internal collateral damages in cloud computing. Comput. Electr. Eng. (2016)

    Google Scholar 

  54. Sahay, R., Blanc, G., Zhang, Z., Debar, H.: Towards autonomic DDoS mitigation using software defined networking. In: SENT 2015: NDSS Workshop on Security of Emerging Networking Technologies, Internet Society, San Diego, California, US (2015). https://doi.org/10.14722/sent.2015.23004

  55. Wang, X., Chen, M., Xing, C.: SDSNM: a software-defined security networking mechanism to defend against DDoS attacks. In: 2015 Ninth International Conference on Frontier of Computer Science and Technology (FCST), pp. 115–121. IEEE (2015)

    Google Scholar 

  56. Wang, B., Zheng, Y., Lou, W., Hou, Y.T.: DDoS attack protection in the era of cloud computing and software-defined networking. Comput. Netw. 81, 308–319 (2015)

    Article  Google Scholar 

  57. Yan, Q., Yu, F.: Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Commun. Mag. 53(4), 52–59 (2015)

    Article  Google Scholar 

  58. Tsai, S.-C., Liu, I.-H., Lu, C.-T., Chang, C.-H., Li, J.-S.: Defending cloud computing environment against the challenge of DDoS attacks based on software-defined network. In: Advances in Intelligent Information Hiding and Multimedia Signal Processing: Proceeding of the Twelfth International Conference on Intelligent Information Hiding and Multimedia Signal Processing, Kaohsiung, Taiwan, 21–23 November 2016, vol. 1, pp. 285–292. Springer, Cham (2017)

    Google Scholar 

  59. Stillwell, M., Schanzenbach, D., Vivien, F., Casanova, H.: Resource allocation algorithms for virtualized service hosting platforms. J. Parallel Distrib. Comput. 70(9), 962–974 (2010)

    Article  Google Scholar 

  60. Somani, G., Gaur, M.S., Sanghi, D., Conti, M., Rajarajan, M., Buyya, R.: Combating DDoS attacks in the cloud: requirements, trends, and future directions. IEEE Cloud Comput. 4, 22–32 (2017)

    Article  Google Scholar 

  61. Zhao, S., Chen, K., Zheng, W.: Defend against Denial of Service attack with VMM. In: Eighth International Conference on Grid and Cooperative Computing, GCC 2009, pp. 91–96. IEEE (2009)

    Google Scholar 

  62. Silva, S.S., Silva, R.M., Pinto, R.C., Salles, R.M.: Botnets: a survey. Comput. Netw. 57(2), 378–403 (2013)

    Article  Google Scholar 

  63. Yan, Q., Yu, R., Gong, Q., Li, J.: Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) attacks in cloud computing environments: a survey, some research issues, and challenges. Commun. Surv. Tutor. PP(99), 1 (2015). https://doi.org/10.1109/COMST.2015.2487361

    Article  Google Scholar 

  64. Singh, A., Chatterjee, K.: Cloud security issues and challenges: a survey. J. Netw. Comput. Appl. 79(1), 88–115 (2017)

    Article  Google Scholar 

  65. Online The Truth about DDoS Attacks: Part 1 (2013). http://www.carbon60.com/the-truthabout-ddos-attacks-part-1/. Accessed 12 July 2015

  66. Kaspersky Lab. https://www.kaspersky.com/about/press-releases/2015_one-in-five-ddos-attacks-last-for-days-or-even-weeks

Download references

Author information

Authors and Affiliations

  1. Saudi Electronic University, Riyadh, Saudi Arabia

    Karthik Srinivasan

  2. King Khalid University, Abha, Saudi Arabia

    Azath Mubarakali

  3. Vice Dean of College of Computer Science and Information System, Najran University, Najran, Kingdom of Saudi Arabia

    Abdulrahman Saad Alqahtani

  4. Department of Computer Science and Engineering, Koneru Lakshmaiah Education Foundation, Vaddeswaram, Andhra Pradesh, India

    A. Dinesh Kumar

Authors
  1. Karthik Srinivasan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Azath Mubarakali
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Abdulrahman Saad Alqahtani
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. A. Dinesh Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Azath Mubarakali .

Editor information

Editors and Affiliations

  1. Department of CSE, Francis Xavier Engineering College, Tirunelveli, Tamil Nadu, India

    S. Balaji

  2. Departamento de Engenharia Informática, Faculdade de Ciências e Tecnologia, University of Coimbra, Coimbra, Portugal

    Álvaro Rocha

  3. Department of Electrical Engineering, National Changhua University of Education, Changhua County, Taiwan

    Yi-Nan Chung

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Srinivasan, K., Mubarakali, A., Alqahtani, A.S., Dinesh Kumar, A. (2020). A Survey on the Impact of DDoS Attacks in Cloud Computing: Prevention, Detection and Mitigation Techniques. In: Balaji, S., Rocha, Á., Chung, YN. (eds) Intelligent Communication Technologies and Virtual Mobile Networks. ICICV 2019. Lecture Notes on Data Engineering and Communications Technologies, vol 33. Springer, Cham. https://doi.org/10.1007/978-3-030-28364-3_24

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-28364-3_24

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-28363-6

  • Online ISBN: 978-3-030-28364-3

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation