Advertisement

An OpenStack based cloud testbed framework for evaluating HTTP flooding attacks

  • A. DhanapalEmail author
  • P. Nithyanandam
Article

Abstract

The cloud computing has inherent challenges to detect the Hyper Text Transfer Protocol (HTTP) flooding Distributed Denial of Service (DDoS) attack due to its natural characteristics like virtualization, elasticity and multi-tenancy. The usage of cloud computing is user-friendly, but the implementation of the cloud infrastructure such as compute node, networking, cloud storage is very complex in order to achieve its various characteristics. Similarly, detecting the HTTP flooding attack in the cloud is also very complex as it requires an understanding of various potential attack paths in such a complex environment. So, designing the cloud testbed framework to detect the HTTP flooding attacks is a challenging problem to be solved. The cloud testbed framework has to consider several aspects of attack scenarios while accounting the cloud characteristics. This paper reviews the existing DDoS attack detection framework and their gaps and proposes a cloud testbed framework for evaluating the HTTP flooding DDoS attack solution. The proposed framework is implemented using the OpenStack cloud environment. The Fédération Internationale de Football Association (FIFA) World Cup 1998 real-time dataset is used to generate the HTTP flooding attack to the OpenStack cloud testbed framework for the experimentation.

Keywords

DDoS Cloud testbed framework HTTP flooding OpenStack Cloud computing security Layer 7 attacks 

References

  1. 1.
    The 5 motives for DDoS attack. https://arch.simplicable.com/arch/new/the-5-motives-for-DDoS-attack. Accessed 9 Jan 2019.
  2. 2.
    NIST Cloud Computing Program—NCCP. https://www.nist.gov/programs-projects/nist-cloud-computing-program-nccp. Accessed 9 Jan 2019.
  3. 3.
    Top 10 security concerns for cloud-based services. https://www.incapsula.com/blog/top-10-cloud-security-concerns.html. Accessed 9 Jan 2019.
  4. 4.
    Dhanapal, A., et al. (2013) Data usage security, accounting and auditing in cloud computing. In National Conference on Networking and Communication Systems (NCS) (vol. 2, pp. 226–229).Google Scholar
  5. 5.
    Denial of service attack: what is a dos attack? https://security.radware.com/ddos-knowledge-center/ddospedia/dos-attack/. Accessed 9 Jan 2019.
  6. 6.
    DDoS attack types and mitigation methods. https://www.incapsula.com/ddos/ddos-attacks/. Accessed 9 Jan 2019.
  7. 7.
    What is a DDoS attack and how do you protect against DDoS attacks? https://www.arbornetworks.com/research/what-is-ddos. Accessed 9 Jan 2019.
  8. 8.
    Why move to the cloud? 10 benefits of cloud computing. https://www.salesforce.com/uk/blog/2015/11/why-move-to-the-cloud-10-benefits-of-cloud-computing.html. Accessed 9 Jan 2019.
  9. 9.
    DDoS top 6: Why hackers attack. https://www.pentasecurity.com/blog/ddos-top-6-hackers-attack/. Accessed 9 Jan 2019.
  10. 10.
    Widespread cyberattack takes down sites worldwide. http://money.cnn.com/2016/10/21/technology/ddos-attack-popular-sites/index.html. Accessed 9 Jan 2019.
  11. 11.
  12. 12.
  13. 13.
    Denial-of-Service attacks meet the cloud: 4 Lessons. https://www.cio.com/article/2413818/cloud-computing/denial-of-service-attacks-meet-the-cloud--4-lessons.html. Accessed 9 Jan 2019.
  14. 14.
    Cloud delivery models. http://whatiscloud.com/cloud_delivery_models/index. Accessed 9 Jan 2019.
  15. 15.
    Cloud deployment models. http://whatiscloud.com/cloud_deployment_models/index. Accessed 9 Jan 2019.
  16. 16.
    Dhanapal, A., et al. (2018) A review of cloud computing adoption issues and challenges. Recent Patents on Computer Science.  https://doi.org/10.2174/2213275911666181114142428.
  17. 17.
    World Cup Web Site Access Logs. http://ita.ee.lbl.gov/html/contrib/WorldCup.html.
  18. 18.
    Dhanapal, A., et al. (2017) An effective mechanism to regenerate HTTP flooding DDoS attack using real time data set. In ICICICT (pp. 570–575).Google Scholar
  19. 19.
    Smirnov, A.V., et al. (2016) Network traffic processing module for infrastructure attacks detection in cloud computing platforms. In IEEE (pp. 199–202).Google Scholar
  20. 20.
    Kobayashi, R., et al. (2016). Defense method of HTTP GET flood attack by adaptively controlling server resources depending on different attack intensity. Journal of Information Processing, 24(5), 802–815.CrossRefGoogle Scholar
  21. 21.
    Shruthi, B. T., et al. (2016). X-DoS (XML Denial of Service) attack strategy on cloud computing. Imperial Journal of Interdisciplinary Research, 2(12), 1665–1669.Google Scholar
  22. 22.
    Shahanaz Begum, I., et al. (2016). DDoS attack detection and prevention in private cloud environment. International Journal of Innovations in Engineering and Technology, 7(3), 527–531.Google Scholar
  23. 23.
    Kiruthika Devi, B. S., et al. (2016). Comparative analysis of security methods for DDoS attacks in the cloud computing environment. Indian Journal of Science and Technology, 9(34), 1–7.CrossRefGoogle Scholar
  24. 24.
    Karnwal, T., et al. (2012) A comber approach to protect cloud computing against XML DDoS and HTTP DDoS attack. In IEEE Students’ Conference on Electrical, Electronics and Computer Science (pp. 1–5).Google Scholar
  25. 25.
    Osanaiye, O., et al. (2016) Change-point cloud DDoS detection using packet inter-arrival time. In 8th Computer Science and Electronic Engineering Conference (CEEC) (pp. 204–209).Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.School of Computing Science and EngineeringVIT UniversityChennaiIndia

Personalised recommendations