Abstract
Recent trends in Distributed Denial of Service (DDoS) attacks on cloud computing have revealed a new menace: collateral damage to non-target stakeholders. These stakeholders are the victim Virtual Machine (VM), sibling VMs, the host physical machine, other host physical machines, VMs on other host machines, users of attacked and co-hosted VMs, cloud providers and cloud customers. The main reasons behind this collateral damage are cloud features such as virtualization, auto-scaling, resource sharing, and migration. During a DDoS attack, the massive number of requests results in a host overload situation. In the cloud, this overload situation is handled by various existing migration policies. These simple migration policies are not efficient if attacked VMs are present in the cloud network. Therefore a supporting framework, Attacked VM Detection and Recovery (AVDR), is proposed in this work. The proposed AVDR framework improves the performance of existing migration policies and reduces the collateral damage. The AVDR framework is based on attack strength ‘\(Y_{as}\)’, thus a linear model to evaluate ‘\(Y_{as}\)’ is also proposed. The dataset used for the modeling of ‘\(Y_{as}\)’ is generated over VM instances created on AWS. It consists of both attack and benign request traces. The results prove the effectiveness of the proposed work.
Cite this article
Verma, P., Tapaswi, S. & Godfrey, W.W. AVDR: A Framework for Migration Policy to Handle DDoS Attacked VM in Cloud. Wireless Pers Commun 115, 1335–1361 (2020). https://doi.org/10.1007/s11277-020-07630-6
DOI: https://doi.org/10.1007/s11277-020-07630-6