Advertisement

Design and analysis of behaviour based DDoS detection algorithm for data centres in cloud

  • Qubeb Shaik Mohammed PenukondaEmail author
  • Ilango Paramasivam
Special Issue
  • 11 Downloads

Abstract

In the recent years, security is the major concern in cloud computing. One of the major security threats to the cloud is distributed denial of service (DDoS). This DDoS attacks results in data corruption, losing of sensitive information and leads to denial of cloud service. To overcome the drawbacks of security, we proposed the behaviour-based DDoS detection algorithm that is based on the behaviour of the user which generates the traffic. The proposed work is divided into two phases which can be executed in parallel. In general, the hackers or illegitimate user floods the traffic and uses more bandwidth. In first phase, the analysis of the dynamic traffic and effectively differentiating the genuine traffic and attacker’s traffic is done in the proposed algorithm. The packet analyzer is responsible to identify the genuine packets from the flooding traffic. In second phase, the CPU utilization is monitored and the process consuming more CPU power or the source is illegitimate, the process is rejected. The simulation is carried by using the OPNET simulator. The simulation results are tested with three different scenarios. It is proved that the proposed model has efficient response time and it has better efficiency in DDoS prone zones.

Keywords

Cloud computing Network Traffic DDoS Packet analyzer Trust management 

Notes

References

  1. 1.
    Zhou Z, Xie D, Xiong W (2009) A novel distributed detection scheme against DDoS attack. J Netw 4(9):921–928Google Scholar
  2. 2.
    Prabha S, Anitha R (2010) Mitigation of application traffic DDoS attacks with trust and AM based HMM models. Int J Comput Appl 6(9):26–34Google Scholar
  3. 3.
    Wang K, Huang C-Y, Lin S-J, Lin Y-D (2011) A fuzzy pattern-based filtering algorithm for botnet detection. Comput Netw 55:3275–3286CrossRefGoogle Scholar
  4. 4.
    Liu T, Wang Z, Wang H, Lu K (2012) An entropy-based method for attack detection in large scale network. Int J Comput Commun 7(3):509–517CrossRefGoogle Scholar
  5. 5.
    Xuan Y, Shin I, Thai MT, Znati T (2010) Detecting application denial-of-service attacks: a group-testing-based approach. IEEE Trans Parallel Distrib Syst 21(8):1203–1216CrossRefGoogle Scholar
  6. 6.
    Chawla S, Sachdeva M, Behal S (2016) Discrimination of DDoS attacks and flash events using Pearson’s product moment correlation method. Int J Comput Sci Inf Secur 14(10):382Google Scholar
  7. 7.
    Acarali D, Rajarajan M, Komninos N, Herwono I (2016) Survey of approaches and features for the identification of HTTP-based botnet traffic. J Netw Comput Appl 76:1–15CrossRefGoogle Scholar
  8. 8.
    Sachdeva M, Kumar K (2014) A traffic cluster entropy based approach to distinguish DDoS attacks from flash event using DETER testbed. ISRN Commun Netw 2014:1–16CrossRefGoogle Scholar
  9. 9.
    Navaz AS, Sangeetha V, Prabhadevi C (2013) Entropy based anomaly detection system to prevent DDoS attacks in cloud. arXiv preprint arXiv:1308.6745
  10. 10.
    Osanaiye O, Cai H, Choo K-KR, Dehghantanha A, Xu Z, Dlodlo M (2016) Ensemble-based multi-filter feature selection method for DDoS detection in cloud computing. EURASIP J Wirel Commun Netw 2016(1):130CrossRefGoogle Scholar
  11. 11.
    Palvinder SM, Kumar D (2011) Improving network performance and mitigate DDoS attacks using analytical approach under collaborative software as aservice (SaaS) cloud computing environment. IJCST 2(1):119–122Google Scholar
  12. 12.
    Manimaran A, Durairaj M (2016) The conjectural framework for detecting DDoS attack using enhanced entropy based threshold technique (EEB-TT) in cloud environment. Int J Adv Comput Res 6(27):230CrossRefGoogle Scholar
  13. 13.
    Venkata KP, Sudip M, Saritha V, Raju DN, Obaidat MS (2017) An efficient learning automata based task offloading in mobile cloud computing environments. In: 2017 IEEE international conference on communications (ICC). IEEE, pp 1–6Google Scholar
  14. 14.
    Nagaraju D, Saritha V (2016) A survey on communicational issues in mobile cloud computing. Walailak J Sci Technol (WJST) 14(10):1–10Google Scholar
  15. 15.
    Nagaraju D, Saritha V (2017) An evolutionary multi-objective approach for resource scheduling in mobile cloud computing. Int J Intell Eng Syst 10(1):12–21Google Scholar
  16. 16.
    Qwasmi N, Ahmed F, Liscano R (2011) Simulation of DDoS attacks On P2P networks. In: IEEE 13th international conference on high performance computing and communications (HPCC), pp 610–614Google Scholar
  17. 17.
    Sengar H (2009) Overloading vulnerability of VoIP networks. In: IEEE/IFIP international conference on dependable systems & networks, pp 419–428Google Scholar
  18. 18.
    Tritilanunt S, Sivakorn S, Juengjincharoen C, Siripornpisan A (2010) Entropy-based input-output traffic mode detection scheme for DoS/DDoS attacks. In: IEEE ISCIT, pp 804–809Google Scholar
  19. 19.
    Jha RK, Dalal UD (2011) On demand cloud computing performance analysis with low cost for QoS application. In: International conference on multimedia, signal processing and communication technologies (IMPACT), pp 268–271Google Scholar
  20. 20.
  21. 21.
  22. 22.
    Chen Z, Jiang F, Cheng Y, Gu X, Liu W, Peng J (2018) Xgboost classifier for ddos attack detection and analysis in SDN-based cloud. In: 2018 IEEE international conference on big data and smart computing (BigComp). IEEE, pp 251–256Google Scholar
  23. 23.
    Madhupriya G, Shalinie SM, Rajeshwari AR (2018). Detecting DDoS attack in cloud computing using local outlier factors. In: 2018 2nd international conference on trends in electronics and informatics (ICOEI). IEEE, pp 859–863Google Scholar
  24. 24.
    Bhardwaj A, Goundar S (2018) Algorithm for secure hybrid cloud design against DDoS attacks. Int J Inf Technol Web Eng (IJITWE) 13(4):61–77CrossRefGoogle Scholar
  25. 25.
    John J, Norman J (2019) Major vulnerabilities and their prevention methods in cloud computing. Advances in big data and cloud computing. Springer, Singapore, pp 11–26CrossRefGoogle Scholar
  26. 26.
    Alzahrani S, Hong L (2018) Detection of distributed denial of service (DDoS) attacks using artificial intelligence on cloud. In: 2018 IEEE world congress on services (SERVICES). IEEE, pp 35–36Google Scholar
  27. 27.
    Pandey VC, Peddoju SK, Deshpande PS (2018) A statistical and distributed packet filter against DDoS attacks in Cloud environment. Sādhanā 43(3):32Google Scholar
  28. 28.
    Jeyanthi N, Iyengar NCS, Kumar PM, Kannammal A (2013) An enhanced entropy approach to detect and prevent DDoS in cloud environment. Int J Commun Netw Inf Secur 5(2):110Google Scholar
  29. 29.
    Misra S, Krishna PV, Abraham KI, Sasikumar N, Fredun S (2010) An adaptive learning routing protocol for the prevention of distributed denial of service attacks in wireless mesh networks. Comput Math Appl 60(2):294–306CrossRefzbMATHGoogle Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  • Qubeb Shaik Mohammed Penukonda
    • 1
    Email author
  • Ilango Paramasivam
    • 2
  1. 1.School of CSEBharatiyar UniversityCoimbatoreIndia
  2. 2.Department of CSEPSG Institute of Technology and Applied ResearchCoimbatoreIndia

Personalised recommendations