
An anomaly-based framework for mitigating effects of DDoS attacks using a third party auditor in cloud computing environments

Cluster Computing

Abstract

Today, cloud computing providers are among the most prominent service suppliers worldwide. Availability of cloud services is one of the most important concerns of cloud service providers (CSPs) and cloud users (CUs). Distributed Denial of Service (DDoS) attacks are a common type of security issue that affects cloud services and can consequently make them unavailable. Therefore, reducing the effects of DDoS attacks helps CSPs provide high-quality services to CUs. In this paper, first, we propose an anomaly-based DDoS attack detection framework for cloud environments using a third party auditor (TPA). Second, we provide multiple basic assumptions and configurations of cloud environments for establishing simulation tests to evaluate our proposed framework. Then, we provide results of simulation tests to analyze the feasibility of our approach. Simulation results demonstrate that our method for detecting DDoS attacks in CSPs has the following advantages: efficiency, because of the low computational overhead on CSPs for attack detection; speed, because a CSP is informed about an attack within a short time with respect to the maximum valid response time defined in a service level agreement (SLA); and precision, through no false positive detections and a low rate of false negative detections, which is < 2% of all scenarios of the simulation tests. Finally, we present a table comparing the characteristics of our framework with others in the literature.



Author information

Corresponding author

Correspondence to Sasha Mahdavi Hezavehi.


About this article


Cite this article

Mahdavi Hezavehi, S., Rahmani, R. An anomaly-based framework for mitigating effects of DDoS attacks using a third party auditor in cloud computing environments. Cluster Comput 23, 2609–2627 (2020). https://doi.org/10.1007/s10586-019-03031-y


  • DOI: https://doi.org/10.1007/s10586-019-03031-y
