Advertisement

Arabian Journal for Science and Engineering

, Volume 40, Issue 3, pp 773–785 | Cite as

Evaluation of the Impact of EDoS Attacks Against Cloud Computing Services

  • F. Al-Haidari
  • M. Sqalli
  • K. Salah
Research Article - Computer Engineering and Computer Science

Abstract

Cloud computing is currently one of the fastest growing segments of IT. To date, and according to a recent survey conducted by the International Data Corporation, security is the biggest challenge to cloud computing. A cloud introduces resource-rich computing platforms, where adopters are charged based on the usage of the cloud’s resources, known as “pay-as-you-use” or utility computing. However, a conventional Distributed Denial-of-Service (DDoS) attack on server and network resources compromises cloud computing services by charging cloud adopters more cost due to the attack activities that consume cloud’s resources. In such case, the main goal of such attack is to make the cloud computing unsustainable by targeting the cloud adopter’s economic resources. Thus, it constitutes a new breed of DDoS attacks, namely Economic Denial of Sustainability (EDoS) attack. In this paper, we study the impact of EDoS attacks on the cloud computing services, considering only a single class of service. We developed an analytical model verified by a simulation model to study such impact of EDoS attacks on the cloud computing. The analytical model relies on the queuing model that captures the cloud services and considers a number of performance and cost metrics including end-to-end response time, utilization of computing resources, throughput, and the incurred cost resulting from the attack.

Keywords

Cloud computing EDoS attacks Utility computing Modeling and analysis 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Gartner, Gartner Identifies the Top 10 Strategic Technologies for 2013. Analysts Examine Latest Industry Trends During Gartner Symposium/ITxpo, Orlando (2012)Google Scholar
  2. 2.
    Hoff, C.: Cloud computing security: from DDoS (Distributed Denial Of Service) to EDoS (Economic Denial of Sustainability). Blog. http://rationalsecurity.typepad.com/blog/2008/11/cloud-computing-security-from-ddos-distributed-denial-of-service-to-edos-economic-denial-of-sustaina.html. Retrieved 27 Nov 2008
  3. 3.
    Zlomislic, V.; Fertalj, K.; Sruk, V.: Denial of service attacks: an overview. In: 9th Iberian Conference on Information Systems and Technologies (CISTI), Barcelona, pp. 1–6 (2014)Google Scholar
  4. 4.
    AWS Documentation, AWS Web Application Hosting for Microsoft Windows. http://docs.amazonwebservices.com/gettingstarted/latest/wah/web-app-hosting-intro.html?r=1052
  5. 5.
    Amazon, Amazon Load Balancer Service. http://aws.amazon.com/elasticloadbalancing/
  6. 6.
    Buyya, R.; Ranjan, R.; Calheiros, R.N.: InterCloud: utility-oriented federation of cloud computing environments for scaling of application services. In: The 10th International Conference on Algorithms and Architectures for Parallel Processing, Busan, Korea (2010)Google Scholar
  7. 7.
    Bellenger, D.; Bertram, J.; Budina, A.; Koschel, A.; et al.: Scaling in cloud environments. In: Proceedings of the 15th WSEAS International Conference on Computers, Wisconsin, pp. 145–150 (2011)Google Scholar
  8. 8.
    Idziorek, J.: Discrete event simulation model for analysis of horizontal scaling in the cloud computing model. In: Proceedings of the 2010 Winter Simulation Conference, pp. 3004–3014 (2010)Google Scholar
  9. 9.
    Amazon Auto Scaling Developer Guide. Amazon Web Services LLC (2012)Google Scholar
  10. 10.
    Web application hosting in the AWS cloud: best practices. Amazon Web Services LLC (2010)Google Scholar
  11. 11.
    Chen, H.; Li, S.: A queueing-based model for performance management on cloud. In: 6th International Conference on Advanced Information Management and Service (IMS), Seoul, pp. 83–88 (2011)Google Scholar
  12. 12.
    Arlitt M., Williamson C.: Internet web servers: workload characterization and performance implications. IEEE/ACM Trans. Netw. 5(5), 815–826 (1997)CrossRefGoogle Scholar
  13. 13.
    Walraevens J., Wittevrongel S., Bruneel H.: Performance analysis of a priority queue with session-based arrivals and its application to E-commerce web servers. Int. J. Adv. Internet Technol. 2(1), 46–57 (2009)MathSciNetGoogle Scholar
  14. 14.
    Liu Z., Niclausse N., Jalpa C.: Traffic model and performance evaluation of web servers. Perform. Eval. 46(2–3), 77–100 (2001)CrossRefzbMATHGoogle Scholar
  15. 15.
    Nan, X.; He, Y.; Guan, L.: Optimal resource allocation for multimedia cloud based on queuing model. In: IEEE MMSP, pp. 1–6 (2010)Google Scholar
  16. 16.
    Calheiros, R.; Ranjan, R.; Buyya, R.: Virtual machine provisioning based on analytical performance and QoS in cloud computing environments. In: International Conference on Parallel Processing (ICPP), Taipei City, pp. 295–304 (2011)Google Scholar
  17. 17.
    Pal, R.; Hui, P.: Economic models for cloud service markets. Lecture Notes in Computer Science, Distributed Computing and Networking,vol. 7129, pp. 382–396. Springer (2012)Google Scholar
  18. 18.
    Shi, Y.; Jiang, X.; Ye K.: An energy-efficient scheme for cloud resource provisioning based on cloudSim. In: 2011 IEEE International Conference on Cluster Computing (CLUSTER), Austin, TX, pp. 595–599 (2011)Google Scholar
  19. 19.
    Scheinhardt, W.: Markov-modulated and feedback fluid queues. Ph.D. Thesis, University of Twente, the Netherlands. http://www.ub.utwente.nl/webdocs/tw/1/t0000008.pdf (1998)
  20. 20.
    Shen X., Chen H., Dai J., Dai W.: The finite element method for computing the stationary distribution of an SRBM in a hypercube with applications to finite buffer queueing networks. Queueing Syst. 42(1), 33–62 (2002)CrossRefzbMATHMathSciNetGoogle Scholar
  21. 21.
    Dawoud, W.; Takouna, I.; Meinel, C.: Elastic VM for rapid and optimum virtualized resources’ allocation. In: 5th International DMTF Academic Alliance Workshop on Systems and Virtualization Management (SVM), Paris, pp. 1–4 (2011)Google Scholar
  22. 22.
    Intel 82599 10 gigabit Ethernet controller. Intel (2009). http://download.intel.com/design/network/prodbrf/321731.pdf
  23. 23.
    Dong, Y.; Yang, X.; LI, X.; Tian, K.; Guan, H.: High performance network virtualization with SR-IOV. In: IEEE International Symposium on High Performance Computer Architecture (HPCA) (2010)Google Scholar
  24. 24.
    Sutton C., Jordan M.I.: Bayesian inference for queueing networks and modeling of internet services. Inst. Math. Stat. Ann. Appl. Stat. 5(1), 254–282 (2011)CrossRefzbMATHMathSciNetGoogle Scholar
  25. 25.
    Do T., Krieger U.R., Chakka R.: Performance modeling of an apache web server with a dynamic pool of service processes. Telecommun. Syst. 39(2), 117–129 (2008)CrossRefGoogle Scholar
  26. 26.
    Bi, J.; Zhu, Z.; Tian, R.; Wang, Q.: Dynamic provisioning modeling for virtualized multi-tier applications in clouddata center. In: Proceedings of IEEE 3rd International Conference on Cloud Computing (CLOUD 2010), pp. 370–377 (2010)Google Scholar
  27. 27.
    Singh, R.; et al.: Autonomic mix-aware provisioning for non-stationary data center workloads. In: Proceedings of the 7th International Conference on Autonomic Computing, USA (2010)Google Scholar
  28. 28.
    Kossmann, D.; Kraska, T.; Loesing, S.: An evaluation of alternative architectures for transaction processing in the cloud. In: Proceedings of International Conference on Management of Data (SIGMOD) (2010)Google Scholar
  29. 29.
    Kihl, M.; Cedersjö, G.; Robertsson, A.; Aspernäs, B.: Performance measurements and modeling of database servers. In: Sixth International Workshop on Feedback Control Implementation and Design in Computing Systems and Networks (FeBID 2011) (2011)Google Scholar
  30. 30.
    Gross D., Shortle J.F., Thompson J.M., Harris C.M.: Fundamentals of Queuing Theory. Wiley, New York (2008)CrossRefGoogle Scholar
  31. 31.
    Little J.: A proof for the queuing formula: \({{\rm L} = \lambda{W}}\). Oper. Res. 9(3), 383–387 (1961)CrossRefzbMATHMathSciNetGoogle Scholar
  32. 32.
    Liu, H.: A new form of DOS attack in a cloud and its avoidance mechanism. In: Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop, Chicago, pp. 65–76 (2010)Google Scholar
  33. 33.
    Singh N., Ghrera S.P., Chaudhuri P.: Denial of service attack: analysis of network traffic anormaly using queuing theory. J. Comput. Sci. Eng. 1(1), 48–54 (2010)Google Scholar
  34. 34.
    Wang Y., Lin C., Li Q., Fang Y.: A queueing analysis for the denial of service (DoS) attacks. Comput. Netw. 51, 3564–3573 (2007)CrossRefzbMATHGoogle Scholar
  35. 35.
    Boteanu, D.; Fernandez, J.M.; McHugh, J.; Mullins, J.: Queue management as a DoS counter-measure? In: Garay, J.A.; Lenstra, A.K.; Mambo, M.; Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 263–280. Springer, Heidelberg (2007)Google Scholar
  36. 36.
  37. 37.
    Law A., Kelton W.: Simulation Modeling and Analysis, 3rd edn. McGraw-Hill, New York (2000)Google Scholar
  38. 38.
    Jain R.: The Art of Computer Systems Performance Analysis. Wiley, New York (1991)zbMATHGoogle Scholar
  39. 39.
    Catteddu, D., Hogben G.: Cloud computing: benefits, risks and recommendations for information security. Technical Report, European Network and Information Security Agency (2009)Google Scholar
  40. 40.
    Islam, S.; Lee, K.; Fekete, A.; Liu, A.: How a consumer can measure elasticity for cloud platforms. Technical Report, School of Information Technology, Univercity of Sydeny (2011)Google Scholar
  41. 41.
    Xiong, K.; Perros, H.: Service performance and analysis in cloud computing. In: SERVICES ’09: Proceedings of the 2009 Congress on Services—I (2009)Google Scholar
  42. 42.
    Hu, Y.; Wong, J.; Iszlai, G.; Litoiu, M.: Resource provisioning for cloud computing. In: Proceedings of the 2009 Conference of the Centerfor Advanced Studies on Collaborative Research (CASCON ’09), ACM, pp. 101–111 (2009)Google Scholar
  43. 43.
    Sqalli, M.; Al-Haidari, F.; Salah, K.: EDoS-Shield—a two-steps mitigation technique against EDoS attacks in cloud computing. In: Fourth IEEE International Conference on Utility and Cloud Computing (UCC 2011), Victoria, NSW, pp. 49–56 (2012)Google Scholar
  44. 44.
    Al-Haidari, F.; Sqalli, M.H.; Salah, K.: Enhanced EDoS-shield for mitigating EDoS attacks originating from spoofed IP addresses. In: The 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Liverpool, United Kingdom, pp. 1167–1174, 25–27 June 2012 (2012)Google Scholar

Copyright information

© King Fahd University of Petroleum and Minerals 2014

Authors and Affiliations

  1. 1.Computer Information System DepartmentUniversity of Dammam (UoD)DammamSaudi Arabia
  2. 2.Computer Engineering DepartmentKFUPMDhahranSaudi Arabia
  3. 3.Electrical and Computer Engineering DepartmentKhalifa University of Science, Technology and Research (KUSTAR)SharjahUAE

Personalised recommendations