A Filter Tree Approach to Protect Cloud Computing against XML DDoS and HTTP DDoS Attack

  • Tarun Karnwal
  • Sivakumar Thandapanii
  • Aghila Gnanasekaran
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 182)

Abstract

Cloud computing is an internet based pay as use service which provides three type of layered services (Software as a Service, Platform as a Service and Infrastructure as a Service) to its consumer on demand. These on demand service facilities is being provide by cloud to its consumers in multitenant environment but as facility increases complexity and security problems also increase. Here all the resources are at one place in data centers. Cloud uses public and private APIs (Application Programming Interface) to provide services to its consumer in multitenant environment. In this environment Distributed Denial of Service attack (DDoS), especially HTTP, XML or REST based DDoS attacks may be very dangerous and may provide very harmful effects for availability of services and all consumers may get affected at the same time. One other reason is that because the cloud computing users make their request in XML and then send this request using HTTP protocol and build their system interface with REST protocol (such as Amazon EC2 or Microsoft Azure) hence XML attack more vulnerable. So the threaten coming from distributed REST attacks are more and easy to implement by the attacker, but to security expert very difficult to resolve. So to resolve these attacks this paper introduces a comber approach for security services called filtering tree. This filtering tree has five filters to detect and resolve XML and HTTP DDoS attack.

Keywords

Economical Distributed Denial of Service (EDDoS) Militant environment Distributed Denial of Service(DDoS) Attacks Pay as Use Cloud Security SaaS Paas IaaS 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Cloud Security Alliance (Online), https://cloudsecurityalliance.org/topthreats (viewed December 21, 2011)
  2. 2.
    Europe Network and Information Security Agency (Online), http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment (viewed January 21, 2012)
  3. 3.
    Microsoft Security Bulletin MS10 (Online), www.microsoft.com/technet/security/bulletin/ms10-070.mspx (updated October 26, 2011)
  4. 4.
    Security of data (Online), http://news.cnet.com/8301-138463-20052571-62 (viewed July 02, 2011)
  5. 5.
    Security labs Blog (Online), http://securitylabs.websense.com/content/Blogs/3402.asp (viewed November 21, 2011)
  6. 6.
    Nurmi, D., Wolski, R., Grzegorczyk, C., Obertellli, G., Soman, S., Youseff, L., Zagorodnov, D.: The Eucalyptus Open-source Cloud computing System, http://www.eucalyptus.com/whitepapers
  7. 7.
    Bhuya, R., Ranjan, R., Calheiros, R.N.: Modeling and Siulation of Scalable Cloud Computing Environments and the CloudSim Toolkit: Challenges and Opportunities. In: Proceedings of the 7th High Performance Computing and Simulation Conference, Leipzig, Germany, June 21-24 (2009)Google Scholar
  8. 8.
    Lin, C.-H., et al.: A Group Tracing and Filtering Tree for REST DDoS in Cloud Computing. International Journal of Degital Content Technology and its Applications 4(9) (December 2010)Google Scholar
  9. 9.
    Tuncer, T., Tatar, Y.: Detection SYN Flooding Attacks Using Fuzzy Logic. In: International Conference on Information Security and Assurance, ISA 2008, April 24-26, pp. 321–325 (2008)Google Scholar
  10. 10.
    Lu, L., et al.: A General Model of Probabilistic Packet Marking for IP Traceback. In: ASIACCS 2008, March 18-20. ACM, Tokyo (2008)Google Scholar
  11. 11.
    Chonka, A., Xiang, Y., Zhou, W., Bonti, A.: Cloud security defense to protect cloud computing against HTTP -DoS and XML-DoS attacks. Journal of Network and Computer Applications 34, 1097–1107 (2011)CrossRefGoogle Scholar
  12. 12.
    Rahaman, M.A., Schaad, A., Rits, M.: Towards secure SOAP message exchange in a SOA. In: SWS 2006: Proceedings of the 3rd ACM Workshop on Secure Web Services, pp. 77–84. ACM Press (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Tarun Karnwal
    • 1
  • Sivakumar Thandapanii
    • 1
  • Aghila Gnanasekaran
    • 1
  1. 1.Dept. of Computer SciencePondicherry UniversityPuducherryIndia

Personalised recommendations