Advertisement

Multimedia Tools and Applications

, Volume 78, Issue 4, pp 4267–4298 | Cite as

Network flow analysis for detection and mitigation of Fraudulent Resource Consumption (FRC) attacks in multimedia cloud computing

  • Kriti Bhushan
  • Brij B. GuptaEmail author
Article

Abstract

Multimedia computing has evolved as a remarkable technology which provides services to view, create, edit, process, and search multimedia contents. All these multimedia services have high computational, bandwidth, and storage requirements. Therefore, multimedia cloud computing has gained appreciable popularity and acceptance in the past one decade. The convenience of cloud computing comes with financial burden. One of the fundamental features of cloud computing, which helps in reducing the financial worries of the multimedia service providers is the cloud’s pay-as-you-go pricing model. However, the cloud’s pricing model has also attracted adversaries that have hindered the migration of services and/or data by various organisations to the cloud. Through the cloud’s pay-as-you-go pricing model, attackers usually target the financial viability of the cloud customers. Therefore, such attacks are capable to affect the long term availability of multimedia-services hosted on the public cloud. These attacks are known as Fraudulent Resource Consumption (FRC) attack. Therefore, research in the area of FRC attack detection and mitigation is important in motivating the organisations to adopt the public cloud platform. In this paper, we propose a novel approach based on network flow analysis at the victim side to detect and mitigate the FRC attacks against cloud-based services. Experiments were conducted using real world benchmark datasets to evaluate the performance of the proposed approach. Experimental outcomes suggest that our proposed approach is able to detect and mitigate the FRC attacks with satisfactory accuracy and low overhead.

Keywords

Fraudulent Resource Consumption (FRC) attacks Network flow analysis Low rate DDoS attacks Cloud security Cloud pricing model Turing test EDoS attack Multimedia cloud 

Notes

Acknowledgements

This research work is being supported by Project grant (SB/FTP/ETA-131/2014) from SERB, DST, Government of India.

References

  1. 1.
    Al-Haidari F, Sqalli MH, Salah K (2012) Enhanced EDoS-Shield for Mitigating EDoS Attacks Originating from Spoofed IP Addresses. In: IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, Liverpool, pp 1167–1174Google Scholar
  2. 2.
    Arun P, Kumar R, Selvakumar S (2013) Detection of distributed denial of service attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems. Comput Commun, Elsevier 36(3):303–319Google Scholar
  3. 3.
    Atat R, Liu L, Chen H, Wu J, Li H, Yi Y (2017) Enabling cyber-physical communication in 5G cellular networks: challenges, spatial spectrum sensing, and cyber-security. IET Cyber-Phys Syst: Theor Appl 2(1):49–54Google Scholar
  4. 4.
    Baig ZA, Sait SM, Binbeshr F (2016) Controlled access to cloud resources for mitigating Economic Denial of Sustainability (EDoS) attacks. Comput Netw, Elsevier 97:31–47Google Scholar
  5. 5.
    Bhushan K, Gupta BB (2017) A novel approach to defend multimedia flash crowd in cloud environment. Multimed Tools Appl 1–31. SpringerGoogle Scholar
  6. 6.
    Bhuyan MH, Bhattacharyya DK, Kalita JK (2015) An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection. Pattern Recogn Lett. Elsevier 51:1–7Google Scholar
  7. 7.
    Bushell D In Search of The Best CAPTCHA”, https://www.smashingmagazine.com/2011/03/in-search-of-the-perfect-captcha/. Accessed 3 Sept 2017
  8. 8.
    Buyya R, Broberg J, Goscinski A (2011) CLOUD COMPUTING: principles and paradigms. Wiley, HobokenGoogle Scholar
  9. 9.
    Chang X, Yang Y (2017) Semisupervised feature analysis by mining correlations among multiple tasks. IEEE Trans Neural Netw Learn Syst 28(10):2294–2305MathSciNetGoogle Scholar
  10. 10.
    Chang X, Yu YL, Yang Y, Xing EP (2017) Semantic pooling for complex event analysis in untrimmed videos. IEEE Trans Pattern Anal Mach Intell 39(8):1617–1632Google Scholar
  11. 11.
    Chang X, Ma Z, Yang Y, Zeng Z, Hauptmann AG (2017) Bi-level semantic representation analysis for multimedia event detection. IEEE Trans Cybern 47(5):1180–1197Google Scholar
  12. 12.
    Chang X, Ma Z, Lin M, Yang Y, Hauptmann A (2017) Feature Interaction Augmented Sparse Learning for Fast Kinect Motion Detection. IEEE Trans Image Process 26(8):3911–3920MathSciNetzbMATHGoogle Scholar
  13. 13.
    Chen Y, Hwang K (2006) Collaborative detection and filtering of shrew DDoS attacks using spectral analysis. J Parallel Distrib Comput, Elsevier 66(9):1137–1151zbMATHGoogle Scholar
  14. 14.
    DARPA Intrusion Detection Evaluation Data Set, MIT Lincoln Laboratory 1999 [Online]. https://ll.mit.edu/ideval/data/1999data.html. Accessed 3 Sept 2017
  15. 15.
    Feitosa E, Souto E, Sadok DH (2012) An orchestration approach for unwanted internet traffic identification. Comput Netw, Elsevier 56(12):2805–2831Google Scholar
  16. 16.
    Hoff C (2008) Cloud Computing Security: From DDoS (Distributed Denial Of Service) to EDoS (Economic Denial of Sustainability), http://www.rationalsurvivability.com/blog/2008/11/cloud-computing-security-from-ddos-distributed-denial-of-service-to-edos-economic-denial-of-sustainability/. Available online, Accessed on 16/08/2017]
  17. 17.
    Idziorek J, Tannian M (2011) Exploiting cloud utility models for profit and ruin. In: IEEE International Conference on Cloud Computing (CLOUD). Washington DC, pp 33–40Google Scholar
  18. 18.
    Idziorek J, Tannian M, Jacobson D (2011) Detecting fraudulent use of cloud resources. In: Proceedings of the 3rd ACM workshop on Cloud computing security workshop (CCSW '11), NY, USA, pp 61–72Google Scholar
  19. 19.
    Idziorek J, Tannian M, Jacobson D (2012) Attribution of Fraudulent Resource Consumption in the Cloud. In: IEEE Fifth International Conference on Cloud Computing, Honolulu, pp 99–106Google Scholar
  20. 20.
    Idziorek J, Tannian MF, Jacobson D (2013) The Insecurity of Cloud Utility Models. IT Prof IEEE 15(2):22–27Google Scholar
  21. 21.
    Jouini M, Rabai LBA (2016) A Security Framework for Secure Cloud Computing Environments. Int J Cloud Appl Comput (IJCAC) 6(3):32–44Google Scholar
  22. 22.
    Khor SH, Nakao A (2009) spow: On-demand cloud-based eddos mitigation mechanism. HotDep (Fifth Workshop on Hot Topics in System Dependability), LisbonGoogle Scholar
  23. 23.
    Koduru A, Neelakantam T, Saira Bhanu SM (2013) Detection of Economic Denial of Sustainability Using Time Spent on a Web Page in Cloud. In: IEEE International Conference on Cloud Computing in Emerging Markets (CCEM), Bangalore, pp 1–4Google Scholar
  24. 24.
    Kumar MN et al (2012) Mitigating Economic Denial of Sustainability (EDoS) in Cloud Computing Using In-cloud Scrubber Service. In: Fourth International Conference on Computational Intelligence and Communication Networks, Mathura, pp 535–539Google Scholar
  25. 25.
    Li J, Li YK, Chen X, Lee PPC, Lou W (2015) A Hybrid Cloud Approach for Secure Authorized Deduplication. IEEE Trans Parallel Distrib Syst 26(5):1206–1216Google Scholar
  26. 26.
    Li J, Liu Z, Chen X, Xhafa F, Tan X, Wong DS (2015) L-EncDB: a lightweight framework for privacy preserving data queries in cloud computing. Knowl-Based Syst, Elsevier 79:18–26Google Scholar
  27. 27.
    Li J, Li J, Chen X, Jia C, Lou W (2015) Identity-based Encryption with Outsourced Revocation in Cloud Computing. IEEE Trans Comput 64(2):425–437MathSciNetzbMATHGoogle Scholar
  28. 28.
    Li P, Li J, Huang Z, Li T, Gao C-Z, Yiu S-M, Chen K (2017) Multi-key privacy-preserving deep learning in cloud computing. Futur Gener Comput Syst 74:76–85Google Scholar
  29. 29.
    Li P, Li J, Huang Z, Gao C-Z, Chen W-B, Chen K (2017) Privacy-preserving outsourced classification in cloud computing. Clust Comput:1–10.  https://doi.org/10.1007/s10586-017-0849-9
  30. 30.
    Li J, Zhang Y, Chen X, Yang X (2018) Secure attribute-based data sharing for resource-limited users in cloud computing. Comput Secur 72:1–12.  https://doi.org/10.1016/j.cose.2017.08.007 Google Scholar
  31. 31.
    Luo H, Lin Y, Zhang H, Zukerman M (2013) Preventing DDoS attacks by identifier/locator separation. IEEE Netw 27(6):60–65Google Scholar
  32. 32.
    Maciá-Fernández G, Rodríguez-Gómez RA, Díaz-Verdejo JE (2010) Defense techniques for low-rate DoS attacks against application servers. Comput Netw. Elsevier 54(15):2711–2727zbMATHGoogle Scholar
  33. 33.
    Maksoudian YL (1969) Probability and statistics with applications. International textbook company, PennsylvaniaGoogle Scholar
  34. 34.
    Masood M, Anwar Z, Raza SA, Hur MA (2013) EDoS Armor: A cost effective economic denial of sustainability attack mitigation framework for e-commerce applications in cloud environments. INMIC, Lahore, pp 37–42Google Scholar
  35. 35.
    Mell P, Grance T (2011) SP 800-145. the NIST Definition of Cloud Computing. Technical Report, NIST, GaithersburgGoogle Scholar
  36. 36.
    Moore D et al (2006) Inferring internet denial-of-service activity. ACM Trans Comput Syst (TOCS) 24(2):115–139Google Scholar
  37. 37.
    Ouf S, Nasr M (2015) Cloud Computing: The Future of Big Data Management. Int J Cloud Appl Comput (IJCAC) 5(2):53–61Google Scholar
  38. 38.
    Ratten V (2015) Cloud Computing Technology Innovation Advances: A Set of Research Propositions. Int J Cloud Appl Comput (IJCAC) 5(1):69–76Google Scholar
  39. 39.
    Sqalli MH, Al-Haidari F, Salah K (2011) EDoS-Shield - A Two-Steps Mitigation Technique against EDoS Attacks in Cloud Computing. In: Fourth IEEE International Conference on Utility and Cloud Computing. Victoria, NSW, pp 49–56Google Scholar
  40. 40.
    The CAIDA UCSD (2007) DDoS Attack. Dataset [Online]. http://www.caida.org/data/passive/ddos-20070804_dataset.xml. Accessed 3 Sept 2017
  41. 41.
    Wu J, Guo S, Li J, Zeng D (2016) Big data meet green challenges: Big data toward green applications. IEEE Syst J 10(3):888–900Google Scholar
  42. 42.
    Wu J, Guo S, Li J, Zeng D (2016) Big data meet green challenges: Greening big data. IEEE Syst J 10(3):873–887Google Scholar
  43. 43.
    Xiang Y, Li K, Zhou W (2011) Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics. IEEE Trans Inf Forensics Secur 6(2):426–437Google Scholar
  44. 44.
    Yang T et al (2017) A secure smart card authentication and authorization framework using in multimedia cloud. Multimed Tools Appl 76(9):11715–11737. SpringerGoogle Scholar
  45. 45.
    Yu S, Zho W, Jia W, Guo S, Xiang Y, Tang F (2012) Discriminating DDoS attacks from flash crowds using flow correlation coefficient. IEEE Trans Parallel Distrib Syst 23(6):1073–1080Google Scholar
  46. 46.
    Zhang C, Cai Z, Chen W, Luo X, Yin J (2012) Flow level detection and filtering of low-rate DDoS. Comput Netw. Elsevier 56(15):3417–3431Google Scholar
  47. 47.
    Zhu W, Luo C, Wang J, Li S (2011) Multimedia Cloud Computing. IEEE Signal Process Mag 28(3):59–69Google Scholar
  48. 48.
    Zhu W, Jiang H, Zhou S, Addison M (2017) An optimal resources scheduling strategy on multimedia cloud computing under multi-device constraint. Multimed Tools Appl Springer 76(19):19429–19444Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2017

Authors and Affiliations

  1. 1.National Institute of Technology KurukshetraKurukshetraIndia

Personalised recommendations