A Network-Based Intrusion Detection System

  • Prachi S. Deshpande
  • Subhash C. Sharma
  • Sateesh K. Peddoju
Part of the Studies in Big Data book series (SBD, volume 52)


This chapter reports a network-based IDS for the Cloud scenario. The IDS is implemented and analysed for the DDoS attack. The particular choice is due to the vulnerability of the DDoS attack in the Cloud paradigm.


  1. 1.
  2. 2.
    Bace, R., Mell, P.: Intrusion Detection Systems. National Institute of Standards and Technology (NIST), Technical Report: 800-31 (2001) Google Scholar
  3. 3.
    Bisong, A., Rahman, S.: An overview of the security concerns in enterprise Cloud computing. Int. J. Netw. Secur. Appl. 3(1), 30–45 (2011)CrossRefGoogle Scholar
  4. 4.
    Harauz, J., Kauifman, M., Potter, B.: Data security in the world of Cloud computing. IEEE Secur. Priv. 7(9), 61–64 (2009)Google Scholar
  5. 5.
    Chou, Y., Oetting, J.: Risk assessment for Cloud-based IT systems. Int. J. Grid High Perform. Comput. 3(2), 1–13 (2011)CrossRefGoogle Scholar
  6. 6.
    Hashizume, K., Rosado, D., Medina, E., Fernandez, E.: An analysis of security issues for Cloud computing. J. Internet Serv. Appl. 4(5), 1–13 (2013)Google Scholar
  7. 7.
    Iyengar, S., Ganapathy, G., Kumar, M., Abraham, A.: A multilevel thrust filtration defending mechanism against DDoS attacks in Cloud computing environment. Int. J. Grid Util. Comput. 5(4), 236–248 (2014)CrossRefGoogle Scholar
  8. 8.
    Takabi, H., Joshi, J., Ahn, G.: Security and privacy challenges in Cloud computing environments. IEEE Secur. Priv. 8(6), 24–31 (2010)CrossRefGoogle Scholar
  9. 9.
    Rosado, D., Gomez, R., Mellado, D., Medina, E.: Security analysis in the migration to Cloud environment. J. Future Internet 4(2), 469–487 (2012)CrossRefGoogle Scholar
  10. 10.
    Samy, G., Ahmad, R., Ismail, Z.: Investigating security threats in information systems. In: 12th IBIMA Conference on Creating Global Economics Through Innovation and Knowledge Management, Kuala Lumpur, Malaysia, pp. 1412–1419 (2009)Google Scholar
  11. 11.
    Brooks, C.: Amazon EC2 Attack Prompts Customer Support Changes. Tech Target. Available at:,289142,sid201\gci1371090,00.htmlGoogle Scholar
  12. 12.
  13. 13.
    Xu, J., Lee, W.: Sustaining availability of web services under distributed denial of service attacks. IEEE Trans. Comput. 52(2), 195–208 (2003)CrossRefGoogle Scholar
  14. 14.
    Aljifri, H.: IP Traceback: a new denial-of-service deterrent. IEEE Secur. Priv. Mag. 1(3), 24–31 (2003)CrossRefGoogle Scholar
  15. 15.
    Kim, Y., Lau, W., Chuah, M., Chao, H.: PacketScore: a statistics-based packet filtering scheme against distributed denial-of-service attacks. IEEE Trans. Dependable Secure Comput. 3(2), 141–155 (2006)CrossRefGoogle Scholar
  16. 16.
    Wang, X.: Mitigation of DDoS attacks through pushback and resource regulation. In: International Conference on Multimedia and Information Technology (MMIT 08), Three Gorges, Dec 2008, pp. 225–228Google Scholar
  17. 17.
    Xiong, Y., Liu, S., Sun, P.: On the defense of the distributed denial of service attacks: an on-off feedback control approach. IEEE Trans. Syst. Man Cybern. PART A Syst. Hum. 31(4), 282–293 (2001)CrossRefGoogle Scholar
  18. 18.
    Kashiwa, D., Chen, E., Fuji, H.: Active shaping: a countermeasure against DDoS attacks. In: 2nd European Conference on Universal Multiservice Networks (ECUMN 2002), Colmar, France, Apr 2002, pp. 171–179Google Scholar
  19. 19.
    Chen, Y., Kwok, Y., Hwang, K.: MAFIC: adaptive packet dropping for cutting malicious flows to push back DDoS attacks. In: Proceedings of the 25th IEEE International Conference on Distributed Computing Systems Workshops (ICDCSW-05), Columbus, Ohio, USA, June 2005, pp. 123–129Google Scholar
  20. 20.
    Li, Q., Chang, E., Chan, M.: On the effectiveness of DDoS attacks on statistical filtering. In: Proceedings of 24th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM 2005), Miyami, vol. 2, Mar 2005, pp. 1373–1383Google Scholar
  21. 21.
    Wang, H., Jin, C., Shin, K.: Defense against spoofed IP traffic using hop-count filtering. IEEE/ACM Trans. Netw. (TON) 15(1), 40–53 (2007)CrossRefGoogle Scholar
  22. 22.
    Chen, R., Park, J., Marchany, R.: A divide-and-conquer strategy for thwarting distributed denial-of-service attacks. IEEE Trans. Parallel Distrib. Syst. 18(5), 577–588 (2007)CrossRefGoogle Scholar
  23. 23.
    Chen, Y., Hwang, K., Ku, W.: Collaborative detection of DDoS attacks over multiple network domains. IEEE Trans. Parallel Distrib. Syst. 18(12), 1649–1662 (2007)CrossRefGoogle Scholar
  24. 24.
    Yu, S., Zhou, W., Doss, R.: Information theory based detection against network behavior mimicking DDoS attacks. IEEE Commun. Lett. 12(4), 319–321 (2008)Google Scholar
  25. 25.
    Sun, H., Zhaung, Y., Chao, H.: A principal components analysis-based robust DDoS defense system. In: IEEE International Conference on Communications (ICC-08), Beijing, China, May 2008, pp. 1663–1669Google Scholar
  26. 26.
    Sun, H., Ngan, W., Chao, H.: RateGuard: a robust distributed denial of service (DDoS) defense system. In: IEEE Global Telecommunications Conference (GLOBECOM 2009), Honolulu, HI, Dec 2009, pp. 1–8Google Scholar
  27. 27.
    Yang, L., Zhang, T., Song, J., Wang, J., Chen, P.: Defense of DDoS attack for Cloud computing. In: 2012 IEEE International Conference on Computer Science and Automation Engineering (CSAE), vol. 2, Zhangjiajie, China, May 2012, pp. 626–629Google Scholar
  28. 28.
    Chen, S., Wu, J., Ye, X., Guo, T.: Distributed denial of service attacks detection method based on conditional random fields. J. Netw. 8(4), 858–865 (2013)Google Scholar
  29. 29.
    Yu, S., Zhou, W., Guo, S., Guo, M.: A feasible IP traceback framework through dynamic deterministic packet marking. IEEE Trans. Comput. 99, 1–12 (2015)Google Scholar
  30. 30.
    Ingram, R., Shields, P., Walter, J., Welch, J.: An asynchronous leader election algorithm for dynamic networks. In: IEEE International Symposium on Parallel and Distributed Processing (IPDPS), Rome, Italy, May 2009, pp. 1–12Google Scholar
  31. 31.
    DARPA Intrusion Detection Evaluation Data Set. Available at:
  32. 32.
    Chen, Q., Lin, W., Dou, W., Yu, S.: CBF: a packet filtering method for DDoS attack defense in Cloud environment. In: IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing (DASC 11), Sydney, NSW, Dec 2011, pp. 427–434Google Scholar
  33. 33.
    Low Orbit Ion Cannon (LOIC). Available at:
  34. 34.
    Zou, C., Duffield, N., Towsley, D., Gong, W.: Adaptive defense against various network attacks. IEEE J. Sel. Areas Commun. 24(10), 1877–1888 (2006)CrossRefGoogle Scholar
  35. 35.
    Pandey, V.C., Peddoju, S.K., Deshpande, P.S., Sādhanā 43, 32(1–9) (2018)Google Scholar
  36. 36.
    Yaar, A., Perrig, A., Song, D.: StackPi: new packet marking and filtering mechanisms for DDoS and IP spoofing defence. IEEE J. Sel. Areas Commun. 24(10), 1853–1863 (2006)CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  • Prachi S. Deshpande
    • 1
  • Subhash C. Sharma
    • 2
  • Sateesh K. Peddoju
    • 3
  1. 1.Department of Computer EngineeringDr. Babasaheb Ambedkar Technological UniversityLonereIndia
  2. 2.Indian Institute of Technology RoorkeeRoorkeeIndia
  3. 3.Indian Institute of Technology RoorkeeRoorkeeIndia

Personalised recommendations