Evaluation of Experiments on Detecting Distributed Denial of Service (DDoS) Attacks in Eucalyptus Private Cloud

  • Alina Mădălina Lonea
  • Daniela Elena Popescu
  • Octavian Prostean
  • Huaglory Tianfield
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 195)

Abstract

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks appear to be the main threats to cloud computing. Cloud services are protected against DoS and DDoS attacks using Intrusion Detection Systems (IDSs). This paper evaluates the experimental results of our proposed quantitative solution. The experiments are performed in a private cloud deployed with the open-source Eucalyptus platform: virtual machine based IDSs (VMs-based IDS) are created on three nodes, and the MySQL database, together with the graphical interfaces for monitoring the alerts, is installed and configured on the front-end server. After a set of DDoS attacks is launched against the VMs-based IDS, we analyze all the alerts collected from the VMs-based IDS.

Keywords

attacks; cloud computing; data fusion; DDoS attacks; Dempster-Shafer Theory (DST); Eucalyptus; Intrusion Detection Systems (IDSs); Fault-Tree Analysis; Snort

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Alina Mădălina Lonea (1)
  • Daniela Elena Popescu (2)
  • Octavian Prostean (1)
  • Huaglory Tianfield (3)

  1. Automation and Applied Informatics Department, Faculty of Automation and Computers, “Politehnica” University of Timisoara, Timisoara, Romania
  2. Computer Engineering Department, Faculty of Electrical Engineering and Information Technology, University of Oradea, Oradea, Romania
  3. School of Engineering and Built Environment, Glasgow Caledonian University, Glasgow, United Kingdom
