Abstract
Today, cloud computing providers are among the most prominent service suppliers worldwide. The availability of cloud services is one of the most important concerns of cloud service providers (CSPs) and cloud users (CUs). Distributed Denial of Service (DDoS) attacks are a common type of security issue that affects cloud services and can consequently make the services unavailable. Reducing the effects of DDoS attacks therefore helps CSPs provide high-quality services to CUs. In this paper, we first propose an anomaly-based DDoS attack detection framework for cloud environments that uses a third party auditor (TPA). Second, we provide multiple basic assumptions and configurations of cloud environments for establishing simulation tests to evaluate the proposed framework. We then provide the results of the simulation tests to analyze the feasibility of our approach. The simulation results demonstrate that our method for detecting DDoS attacks in CSPs has the following advantages: efficiency, because of the low computational overhead on CSPs for attack detection; speed, because a CSP is informed about an attack within a short time with regard to the maximum valid response time defined in a service level agreement (SLA); and precision, with no false positive detections and a low rate of false negative detections, which is < 2% of all scenarios of the simulation tests. Finally, we present a table comparing the characteristics of our framework with those of other frameworks in the literature.
Cite this article
Mahdavi Hezavehi, S., Rahmani, R. An anomaly-based framework for mitigating effects of DDoS attacks using a third party auditor in cloud computing environments. Cluster Comput 23, 2609–2627 (2020). https://doi.org/10.1007/s10586-019-03031-y
DOI: https://doi.org/10.1007/s10586-019-03031-y