Abstract
The cloud computing has inherent challenges to detect the Hyper Text Transfer Protocol (HTTP) flooding Distributed Denial of Service (DDoS) attack due to its natural characteristics like virtualization, elasticity and multi-tenancy. The usage of cloud computing is user-friendly, but the implementation of the cloud infrastructure such as compute node, networking, cloud storage is very complex in order to achieve its various characteristics. Similarly, detecting the HTTP flooding attack in the cloud is also very complex as it requires an understanding of various potential attack paths in such a complex environment. So, designing the cloud testbed framework to detect the HTTP flooding attacks is a challenging problem to be solved. The cloud testbed framework has to consider several aspects of attack scenarios while accounting the cloud characteristics. This paper reviews the existing DDoS attack detection framework and their gaps and proposes a cloud testbed framework for evaluating the HTTP flooding DDoS attack solution. The proposed framework is implemented using the OpenStack cloud environment. The Fédération Internationale de Football Association (FIFA) World Cup 1998 real-time dataset is used to generate the HTTP flooding attack to the OpenStack cloud testbed framework for the experimentation.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
The 5 motives for DDoS attack. https://arch.simplicable.com/arch/new/the-5-motives-for-DDoS-attack. Accessed 9 Jan 2019.
NIST Cloud Computing Program—NCCP. https://www.nist.gov/programs-projects/nist-cloud-computing-program-nccp. Accessed 9 Jan 2019.
Top 10 security concerns for cloud-based services. https://www.incapsula.com/blog/top-10-cloud-security-concerns.html. Accessed 9 Jan 2019.
Dhanapal, A., et al. (2013) Data usage security, accounting and auditing in cloud computing. In National Conference on Networking and Communication Systems (NCS) (vol. 2, pp. 226–229).
Denial of service attack: what is a dos attack? https://security.radware.com/ddos-knowledge-center/ddospedia/dos-attack/. Accessed 9 Jan 2019.
DDoS attack types and mitigation methods. https://www.incapsula.com/ddos/ddos-attacks/. Accessed 9 Jan 2019.
What is a DDoS attack and how do you protect against DDoS attacks? https://www.arbornetworks.com/research/what-is-ddos. Accessed 9 Jan 2019.
Why move to the cloud? 10 benefits of cloud computing. https://www.salesforce.com/uk/blog/2015/11/why-move-to-the-cloud-10-benefits-of-cloud-computing.html. Accessed 9 Jan 2019.
DDoS top 6: Why hackers attack. https://www.pentasecurity.com/blog/ddos-top-6-hackers-attack/. Accessed 9 Jan 2019.
Widespread cyberattack takes down sites worldwide. http://money.cnn.com/2016/10/21/technology/ddos-attack-popular-sites/index.html. Accessed 9 Jan 2019.
The 5 most significant DDoS Attacks of 2016. https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/5-significant-ddos-attacks-2016/. Accessed 9 Jan 2019.
Application attacks against clouds up 45%. https://www.csoonline.com/article/2991409/cloud-security/application-attacks-against-clouds-up-45.html. Accessed 9 Jan 2019.
Denial-of-Service attacks meet the cloud: 4 Lessons. https://www.cio.com/article/2413818/cloud-computing/denial-of-service-attacks-meet-the-cloud--4-lessons.html. Accessed 9 Jan 2019.
Cloud delivery models. http://whatiscloud.com/cloud_delivery_models/index. Accessed 9 Jan 2019.
Cloud deployment models. http://whatiscloud.com/cloud_deployment_models/index. Accessed 9 Jan 2019.
Dhanapal, A., et al. (2018) A review of cloud computing adoption issues and challenges. Recent Patents on Computer Science. https://doi.org/10.2174/2213275911666181114142428.
World Cup Web Site Access Logs. http://ita.ee.lbl.gov/html/contrib/WorldCup.html.
Dhanapal, A., et al. (2017) An effective mechanism to regenerate HTTP flooding DDoS attack using real time data set. In ICICICT (pp. 570–575).
Smirnov, A.V., et al. (2016) Network traffic processing module for infrastructure attacks detection in cloud computing platforms. In IEEE (pp. 199–202).
Kobayashi, R., et al. (2016). Defense method of HTTP GET flood attack by adaptively controlling server resources depending on different attack intensity. Journal of Information Processing, 24(5), 802–815.
Shruthi, B. T., et al. (2016). X-DoS (XML Denial of Service) attack strategy on cloud computing. Imperial Journal of Interdisciplinary Research, 2(12), 1665–1669.
Shahanaz Begum, I., et al. (2016). DDoS attack detection and prevention in private cloud environment. International Journal of Innovations in Engineering and Technology, 7(3), 527–531.
Kiruthika Devi, B. S., et al. (2016). Comparative analysis of security methods for DDoS attacks in the cloud computing environment. Indian Journal of Science and Technology, 9(34), 1–7.
Karnwal, T., et al. (2012) A comber approach to protect cloud computing against XML DDoS and HTTP DDoS attack. In IEEE Students’ Conference on Electrical, Electronics and Computer Science (pp. 1–5).
Osanaiye, O., et al. (2016) Change-point cloud DDoS detection using packet inter-arrival time. In 8th Computer Science and Electronic Engineering Conference (CEEC) (pp. 204–209).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Dhanapal, A., Nithyanandam, P. An OpenStack based cloud testbed framework for evaluating HTTP flooding attacks. Wireless Netw 27, 5491–5501 (2021). https://doi.org/10.1007/s11276-019-01937-4
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11276-019-01937-4