AVDR: A Framework for Migration Policy to Handle DDoS Attacked VM in Cloud

Wireless Personal Communications

Abstract

Recent trends in Distributed Denial of Service (DDoS) attacks on cloud computing have revealed a new menace: collateral damage to non-target stakeholders. These stakeholders are the victim Virtual Machine (VM), sibling VMs, the host physical machine, other host physical machines, VMs on other host machines, users of the attacked and co-hosted VMs, cloud providers and cloud customers. The main causes of this collateral damage are cloud features such as virtualization, auto-scaling, resource sharing, and migration. During a DDoS attack, the massive number of requests results in a host overload situation. In the cloud, this overload is handled by various existing migration policies. These simple migration policies are not efficient when attacked VMs are present in the cloud network. Therefore a supporting framework, Attacked VM Detection and Recovery (AVDR), is proposed in this work. The proposed AVDR framework improves the performance of existing migration policies and reduces collateral damage. The AVDR framework is based on attack strength ‘\(Y_{as}\)’; thus a linear model to evaluate ‘\(Y_{as}\)’ is also proposed. The dataset used for modeling ‘\(Y_{as}\)’ is generated over VM instances created on AWS. It consists of both attack and benign request traces. The results prove the effectiveness of the proposed work.

Author information

Corresponding author

Correspondence to Priyanka Verma.

About this article

Cite this article

Verma, P., Tapaswi, S. & Godfrey, W.W. AVDR: A Framework for Migration Policy to Handle DDoS Attacked VM in Cloud. Wireless Pers Commun 115, 1335–1361 (2020). https://doi.org/10.1007/s11277-020-07630-6

  • DOI: https://doi.org/10.1007/s11277-020-07630-6
