Skip to main content
SpringerLink
Log in
Book cover

International Conference on Advances in Cyber Security

ACeS 2019: Advances in Cyber Security pp 138–152Cite as

Detection Mechanisms of DDoS Attack in Cloud Computing Environment: A Survey

  • Conference paper
  • First Online:

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1132))

Abstract

Distributed Denial of Service (DDoS) attack is considered as one of the major security threats to the cloud computing environment. This attack hampers the adoption and deployment of cloud computing. DDoS Attack is an explicit attempt by an attacker to prevent and deny access to shared services or resources on a server in a cloud environment by legitimate users of cloud computing. This kind of attack targets victim servers by sending massive volumes of traffic from multiple sources to consume all the victim server resources. This paper discussed various defense mechanisms for defending DDoS. The main objective of this paper is to evaluate different mechanisms that help to defend DDoS attacks. This paper highlights the importance of statistical anomaly-based approaches in detecting DDoS attacks.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Somani, G., Gaur, M.S., Sanghi, D., Conti, M., Buyya, R.: DDoS attacks in cloud computing: issues, taxonomy, and future directions. Comput. Commun. 107, 30–48 (2017)

    Article  Google Scholar 

  2. Osanaiye, O., Choo, K.-K.R., Dlodlo, M.: Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework. J. Netw. Comput. Appl. 67, 147–165 (2016)

    Article  Google Scholar 

  3. Kaaniche, N., Laurent, M.: Data security and privacy preservation in cloud storage environments based on cryptographic mechanisms. Comput. Commun. 111, 120–141 (2016)

    Article  Google Scholar 

  4. Arjun, U., Vinay, S.: A short review on data security and privacy issues in cloud computing. In: 2016 IEEE International Conference on Current Trends in Advanced Computing (ICCTAC), Bangalore, India, pp. 1–5.‏ IEEE (2016)

    Google Scholar 

  5. Khalil, I.M., Khreishah, A., Azeem, M.: Cloud computing security: a survey. Computers 3(1), 1–35 (2014)

    Article  Google Scholar 

  6. Sharma, R., Trivedi, R.K.: Literature review: cloud computing–security issues, solution and technologies. Int. J. Eng. Res. 3(4), 221–225 (2014)

    Article  Google Scholar 

  7. Khan, M.A.: A survey of security issues for cloud computing. J. Netw. Comput. Appl. 71, 11–29 (2016)

    Article  Google Scholar 

  8. Behal, S., Kumar, K.: Detection of DDoS attacks and flash events using information theory metrics–an empirical investigation. Comput. Commun. 103, 18–28 (2017)

    Article  Google Scholar 

  9. Behal, S., Kumar, K.: Detection of DDoS attacks and flash events using novel information theory metrics. Comput. Netw. 116, 96–110 (2017)

    Article  Google Scholar 

  10. Bhatia, S.: Ensemble-based model for DDoS attack detection and flash event separation. In: 2016 Future Technologies Conference (FTC), San Francisco, CA, USA, pp. 958–967. IEEE (2016)

    Google Scholar 

  11. Bhatia, T., Verma, A.K.: Data security in mobile cloud computing paradigm: a survey, taxonomy and open research issues. J. Supercomput. 73(6), 2558–2631 (2017)

    Article  Google Scholar 

  12. Bhuyan, M.H., Bhattacharyya, D.K., Kalita, J.K.: E-LDAT: a lightweight system for DDoS flooding attack detection and IP traceback using extended entropy metric. Secur. Commun. Netw. 9(16), 3251–3270 (2016)

    Article  Google Scholar 

  13. Mansfield-Devine, S.: The growth and evolution of DDoS. Netw. Secur. 2015(10), 13–20 (2015)

    Article  Google Scholar 

  14. Sachdeva, M., Kumar, K., Singh, G.: A comprehensive approach to discriminate DDoS attacks from flash events. J. Inf. Secur. Appl. 26, 8–22 (2016)

    Google Scholar 

  15. Saravanan, R., Shanmuganathan, S., Palanichamy, Y.: Behavior-based detection of application layer distributed denial of service attacks during flash events. Turk. J. Electr. Eng. Comput. Sci. 24(2), 510–523 (2016)

    Article  Google Scholar 

  16. Shameli-Sendi, A., Pourzandi, M., Fekih-Ahmed, M., Cheriet, M.: Taxonomy of Distributed Denial of Service mitigation approaches for cloud computing. J. Netw. Comput. Appl. 58, 165–179 (2015)

    Article  Google Scholar 

  17. Shifali, C., Sachdeva, M., Behal, S.: Discrimination of DDoS attacks and flash events using Pearsons product moment correlation method. Int. J. Comput. Sci. Inf. Secur. 14(10), 382–389 (2016)

    Google Scholar 

  18. Xiao, P., Qu, W., Qi, H., Li, Z.: Detecting DDoS attacks against data center with correlation analysis. Comput. Commun. 67, 66–74 (2015)

    Article  Google Scholar 

  19. Yan, R., Xu, G., Qin, X.: Detect and identify DDoS attacks from flash crowd based on self-similarity and Renyi entropy. In: 2017 Chinese Automation Congress (CAC), Jinan, China, pp. 7188–7194.‏ IEEE (2017)

    Google Scholar 

  20. Bhandari, A., Sangal, A.L., Kumar, K.: Characterizing flash events and distributed denial-of-service attacks: an empirical investigation. Secur. Commun. Netw. 9(13), 2222–2239 (2016)

    Google Scholar 

  21. Arbor Network. https://pages.arbornetworks.com/rs/082-KNA-087/images/13th_Worldwide_Infrastructure_Security_Report.pdf. Accessed 21 Dec 2018

  22. Gupta, B.B., Badve, O.P.: Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a Cloud computing environment. Neural Comput. Appl. 28(12), 3655–3682 (2017)

    Article  Google Scholar 

  23. Iqbal, S., et al.: On cloud security attacks: a taxonomy and intrusion detection and prevention as a service. J. Netw. Comput. Appl. 74, 98–120 (2016)

    Article  Google Scholar 

  24. Bhuyan, M.H., Bhattacharyya, D.K., Kalita, J.K.: An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection. Pattern Recognit. Lett. 51, 1–7 (2015)

    Article  Google Scholar 

  25. Almomani, A.: Fast-flux hunter: a system for filtering online fast-flux botnet. Neural Comput. Appl. 29(7), 483–493 (2018)

    Article  Google Scholar 

  26. Tao, Y., Yu, S.: DDoS attack detection at local area networks using information theoretical metrics. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Melbourne, VIC, Australia, pp. 233–240.‏ IEEE (2013)

    Google Scholar 

  27. Prasad, K.M., Reddy, A.R.M., Rao, K.V.: Afr. J. Comput. ICT 6(2), 53–62 (2013). 2017 Chinese Automation Congress (CAC)

    Google Scholar 

  28. Stillwell, M., Schanzenbach, D., Vivien, F., Casanova, H.: Resource allocation algorithms for virtualized service hosting platforms. J. Parallel Distrib. Comput. 70(9), 962–974 (2010)

    Article  Google Scholar 

  29. Bonguet, A., Bellaiche, M.: A survey of denial-of-service and distributed denial of service attacks and defenses in cloud computing. Future Internet 9(3), 43 (2017)

    Article  Google Scholar 

  30. Moustafa, N., Hu, J., Slay, J.: A holistic review of Network Anomaly Detection Systems: a comprehensive survey. J. Netw. Comput. Appl. 128, 33–55 (2019)

    Article  Google Scholar 

  31. Alzahrani, S., Hong, L.: A survey of cloud computing detection techniques against DDoS attacks. J. Inf. Secur. 9, 45–69 (2018)

    Google Scholar 

  32. Bakshi, A., Sunanda, : A comparative analysis of different intrusion detection techniques in cloud computing. In: Luhach, A., Singh, D., Hsiung, P.A., Hawari, K., Lingras, P., Singh, P. (eds.) Advanced Informatics for Computing Research, vol. 956, pp. 358–378. Springer, Singapore (2018). https://doi.org/10.1007/978-981-13-3143-5_30

    Chapter  Google Scholar 

  33. Modi, C.N., Acha, K.: Virtualization layer security challenges and intrusion detection/prevention systems in cloud computing: a comprehensive review. J. Supercomput. 73(3), 1192–1234 (2017)

    Article  Google Scholar 

  34. Ariyaluran Habeeb, R.A., Nasaruddin, F., Gani, A., Targio Hashem, I.A., Ahmed, E., Imran, M.: Real-time big data processing for anomaly detection: a Survey. Int. J. Inf. Manag. 45, 289–307 (2019)

    Article  Google Scholar 

  35. Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., Rajarajan, M.: A survey of intrusion detection techniques in cloud. J. Netw. Comput. Appl. 36(1), 42–57 (2013)

    Article  Google Scholar 

  36. Katiyar, P., Senthil Kumarn, U., Balakrishanan, S.: Detection and discrimination of DDoS attacks from flash crowd using entropy variations. Int. J. Eng. Technol. 5(4), 3514–3519 (2013)

    Google Scholar 

  37. Zargar, S.T., Joshi, J., Tipper, D.: A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Commun. Surv. Tutor. 15(4), 2046–2069 (2013)

    Article  Google Scholar 

  38. Khattak, S., Ramay, N.R., Khan, K.R., Syed, A.A., Khayam, S.A.: A taxonomy of botnet behavior, detection, and defense. IEEE Commun. Surv. Tutor. 16(2), 898–924 (2014)

    Article  Google Scholar 

  39. Hammi, B., Rahal, M.C., Khatoun, R.: Clustering methods comparison: application to source based detection of botclouds. In: 2016 International Conference on Security of Smart Cities, Industrial Control System and Communications (SSIC), Paris, France, pp. 1–7. IEEE (2016)

    Google Scholar 

  40. Chen, C., Chen, H.: A resource utilization measurement detection against DDoS attacks. In: 2016 9th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI), Datong, China, pp. 1938–1943 IEEE (2016)

    Google Scholar 

  41. Xiang, Y., Li, K., Zhou, W.: Low-rate DDoS attacks detection and traceback by using new information metrics. IEEE Trans. Inf. Forensics Secur. 6(2), 426–437 (2011)

    Article  Google Scholar 

  42. Sahoo, K.S., Puthal, D., Tiwary, M., Rodrigues, J.J.P.C., Sahoo, B., Dash, R.: An early detection of low rate DDoS attack to SDN based data center networks using information distance metrics. Future Gener. Comput. Syst. 89, 685–697 (2018)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Sciences, Universiti Sains Malaysia, 11800, Minden, Pulau Pinang, Malaysia

    Mohammad Abdelkareem Alarqan & Zarul Fitri Zaaba

  2. Department of Information Technology, Al-Huson University College, Al-Balqa Applied University, Irbid, Jordan

    Ammar Almomani

Authors
  1. Mohammad Abdelkareem Alarqan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zarul Fitri Zaaba
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ammar Almomani
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zarul Fitri Zaaba .

Editor information

Editors and Affiliations

  1. Universiti Sains Malaysia, Penang, Malaysia

    Mohammed Anbar

  2. Universiti Sains Malaysia, Penang, Malaysia

    Nibras Abdullah

  3. Universiti Sains Malaysia, George Town, Malaysia

    Selvakumar Manickam

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Alarqan, M.A., Zaaba, Z.F., Almomani, A. (2020). Detection Mechanisms of DDoS Attack in Cloud Computing Environment: A Survey. In: Anbar, M., Abdullah, N., Manickam, S. (eds) Advances in Cyber Security. ACeS 2019. Communications in Computer and Information Science, vol 1132. Springer, Singapore. https://doi.org/10.1007/978-981-15-2693-0_10

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-2693-0_10

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-2692-3

  • Online ISBN: 978-981-15-2693-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation