Advertisement

Cluster Computing

, Volume 22, Supplement 2, pp 3749–3758 | Cite as

An exponent based error detection mechanism against DXDOS attack for improving the security in cloud

  • J. VijayalakshmiEmail author
  • C. R. Rene Robin
Article
  • 107 Downloads

Abstract

Providing security to Cloud against the harmful attacks is an important and essential thing in recent days. Because, there are lot of attacks intend to affect the performance of data transmission in Cloud. Specifically, the extensible markup language-denial of service (XML-DoS) cause the severe damage to Cloud, which misuses the protocols for injecting the attack packets and disturbing the protocol handlers. So, this type of attack must be detected for enabling a reliable and secure service delivery in Cloud. For this purpose, the traditional works developed various attack detection mechanisms for identifying and blocking the XML-DoS attacks, but it lacks with the limitations of increased computation overhead, reduced detection accuracy, and inefficient classification. To solve these issues, this paper aims to develop a new attack detection framework based on the XML schema. The stages that involved in this work are, pattern validation, traffic extraction, error classification, and IP traceback. At first, the individual users transmit the packets to the routers, then the packet marking is performed based on the router IP. After that, the patterns of the packets are validated, if it is valid, the distinct IP is counted for IP matching. Consequently, the time sequence Tsallis entropy, source IP Tsallis entropy, and Lyapunov exponent are estimated. Based on the estimated exponent value, the error is classified as the chaotic or non-chaotic. Finally, the bee colony algorithm is implemented to perform the IP traceback, which takes the appropriate decision for blocking the attacker packets from the particular server. In experiments, the performance of the proposed method is evaluated by using various performance measures. Also, the superiority of the proposed system is proved by comparing it with the existing techniques.

Keywords

Cloud computing Extensible markup language (XML)-denial of service (DoS) attack Pattern validation Tsallis entropy Lyapunov exponent Bee colony algorithm (BCA) 

References

  1. 1.
    Singh, S.: Security in cloud computing. Int. J. Comput. Appl. Technol. Res. 3, 488–493 (2014)Google Scholar
  2. 2.
    Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., Vasilakos, A.V.: Security and privacy for storage and computation in cloud computing. Inf. Sci. 258, 371–386 (2014)Google Scholar
  3. 3.
    Rong, C., Nguyen, S.T., Jaatun, M.G.: Beyond lightning: a survey on security challenges in cloud computing. Comput. Electr. Eng. 39, 47–54 (2013)Google Scholar
  4. 4.
    Modi, C., Patel, D., Borisaniya, B., Patel, A., Rajarajan, M.: A survey on security issues and solutions at different layers of cloud computing. J. Supercomput. 63, 561–592 (2013)Google Scholar
  5. 5.
    Shruthi, B., Nijagunarya, Y.: X-DoS (XML denial of service) attack strategy on cloud computing. Imp. J. Interdiscipl. Res. 2 (2016)Google Scholar
  6. 6.
    Sagar, A., Joshi, B.K., Mathur, N.: A study of distributed denial of service attack in cloud computing (DDoS). In: Edition on Cloud and Distributed Computing: Advances and Applications, vol. 2 (2013)Google Scholar
  7. 7.
    Chou, T.-S.: Security threats on cloud computing vulnerabilities. Int. J. Comput. Sci. Inf. Technol. 5, 79 (2013)Google Scholar
  8. 8.
    Ahmed, R., Hussain, M., Rahmani, T.S., Mansoor, A., Ali, M.L.: Minimization of security issues in cloud computing. J. Inf. Commun. Technol. Robot. Appl. (JICTRA). (Formally known as Journal of Computer Science of NICE). ISSN# 2226-3683, vol. 3, pp. 1–39 (2017)Google Scholar
  9. 9.
    Singh, S., Jeong, Y.S., Park, J.H.: A survey on cloud computing security: issues, threats, and solutions. J. Netw. Comput. Appl. 75, 200–222 (2016)Google Scholar
  10. 10.
    Ankita, P., Khatiwala, F.: Survey on DDoS attack detection and prevention in cloud. Int. J. Eng. Technol. Manag. Appl. Sci. 3, 43–47 (2015)Google Scholar
  11. 11.
    Gupta, B., Badve, O.P.: Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a cloud computing environment. Neural Comput. Appl. 28, 3655–3682 (2017)Google Scholar
  12. 12.
    Chiba, Z., Abghour, N., Moussai, K., Elomri, A., Rida, M.: A cooperative and hybrid network intrusion detection framework in cloud computing based on snort and optimized back propagation neural network. Procedia Comput. Sci. 83, 1200–1206 (2016)Google Scholar
  13. 13.
    Gupta, A.N., Thilagam, P.S.: Attacks on web services need to secure xml on web. Comput. Sci. Eng. 3, 1 (2013)Google Scholar
  14. 14.
    Nezhad, S.M.T., Nazari, M., Gharavol, E.A.: A novel DoS and DDoS attacks detection algorithm using ARIMA time series model and chaotic system in computer networks. IEEE Commun. Lett. 20, 700–703 (2016)Google Scholar
  15. 15.
    Esfahani, R.G., Azgomi, M.A., Fathi, R.: Anomaly detection in XML-structured SOAP messages using tree-based association rule mining (2016). arXiv:1605.06466
  16. 16.
    Iyengar, N.C.S., Ganapathy, G.: Chaotic theory based defensive mechanism against distributed denial of service attack in cloud computing environment. Int. J. Secur. Appl. 9, 197–212 (2015)Google Scholar
  17. 17.
    Menahem, E., Schclar, A., Rokach, L., Elovici, Y.: XML-AD: detecting anomalous patterns in XML documents. Inf. Sci. 326, 71–88 (2016)Google Scholar
  18. 18.
    Ma, X., Chen, Y.: DDoS detection method based on chaos analysis of network traffic entropy. IEEE Commun. Lett. 18, 114–117 (2014)Google Scholar
  19. 19.
    Ficco, M., Rak, M.: Stealthy denial of service strategy in cloud computing. IEEE Trans. Cloud Comput. 3, 80–94 (2015)Google Scholar
  20. 20.
    Moussa,B., Mostafa, M., EI-Khouly, M.: XML schema-based minification for communication of security information and event management (SIEM) systems in cloud environments (2014). arXiv:1410.2553
  21. 21.
    Parashar, A., Radhakrishnan, R.: A review of packet marking ip traceback schemes. Int. J. Comput. Appl. 67 (2013)Google Scholar
  22. 22.
    Nasridinov, A., Jeong, Y., Byun, J., Park, Y.: A histogram-based method for efficient detection of rewriting attacks in simple object access protocol messages. Secur. Commun. Netw. 9, 492–499 (2016)Google Scholar
  23. 23.
    Vijayalakshmi, J., Robin, C.R.R.: A framework to defy DXDOS against XML webservices in cloud environment using modified SOA. J. Comput. Theor. Nanosci. 14(9), 4429–4433 (2017)Google Scholar
  24. 24.
    Murugan, A., Vivekanandan, K.: XSD DDoS trace handler in web service environment. JSW 10, 1086–1095 (2015)Google Scholar
  25. 25.
    Casola, V., De Benedictis, A., Rak, M., Villano, U.: SLA-based secure cloud application development: the SPECS framework. In: 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC), pp. 337–344 (2015)Google Scholar
  26. 26.
    Suresh, A., Varatharajan, R.: Competent resource provisioning and distribution techniques for cloud computing environment. Clust. Comput. (2017).  https://doi.org/10.1007/s10586-017-1293-6 Google Scholar
  27. 27.
    Chinnasamy, A., Sivakumar, B., Selvakumari, P., Suresh, A.: Minimum connected dominating set based RSU allocation for smartCloud vehicles in VANET. Clust. Comput. (2018).  https://doi.org/10.1007/s10586-018-1760-8 Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Sri Sai Ram Engineering CollegeAnna UniversityChennaiIndia
  2. 2.Jerusalem College of EngineeringChennaiIndia

Personalised recommendations