Skip to main content
SpringerLink
Log in

VM Profile Based Optimized Network Attack Pattern Detection Scheme for DDOS Attacks in Cloud

  • Conference paper
Security in Computing and Communications (SSCC 2013)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 377))

Included in the following conference series:

Abstract

Cloud computing is a well-known internet platform based technology that provides access to rented, remotely located and distributed IT resources such as computing infrastructure, storage, online web and utility application on a pay per usage model. As it is a widely used service by individual users to corporate organizations and contains valuable data and applications, it is known to be vulnerable to risks and threats such as network level threats, host level threats and virtualization layer vulnerabilities etc. However for counterattacking these vulnerabilities traditional defense measures exists but are not efficient, scalable and optimized to be used in cloud. The paper identifies the drawbacks in the current schemes used for handling network attacks (primarily DDOS) and provides a new direction in which the same level of security capabilities for network can be obtained with minimal expense of resources which is the prime requirement for any scheme for being applicable in cloud environment. The paper describes a prototype implementation of the concept with details of experimental setup and initial results.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Grance, P.M.A.T.: Effectively and Securely Using the Cloud Computing Paradigm, v0.25 (2009), http://csrc.nist.gov/organizations/fissea/2009-conference/presentations/fissea09-pmell-day3_cloud-computing.pdf

  2. Brown, E.: NIST Issues Cloud Computing Guidelines for Managing Security and Privacy. National Institute of Standards and Technology Special Publication 800-144 (2012)

    Google Scholar 

  3. Susmita, H., et al.: Implementing private cloud at IIT Roorkee: an initial experience. Book Implementing private cloud at IIT Roorkee: an initial experience, Series Implementing private cloud at IIT Roorkee: an initial experience, pp. 453–458. ACM (2012)

    Google Scholar 

  4. Nist, S.P.: 800-53 Rev. 2. Recommended Security Controls for Federal Information Systems (2007)

    Google Scholar 

  5. Gupta, S., et al.: A secure and lightweight approach for critical data security in cloud. In: 2012 Fourth International Conference on Proc. Computational Aspects of Social Networks (CASoN), pp. 315–320. IEEE (2012)

    Google Scholar 

  6. Gupta, S., Horrow, S., Sardana, A.: A Hybrid Intrusion Detection Architecture for Defense against DDoS Attacks in Cloud Environment Contemporary Computing. In: Parashar, M., Kaushik, D., Rana, O.F., Samtaney, R., Yang, Y., Zomaya, A., et al. (eds.) IC3 2012. CCIS, vol. 306, pp. 498–499. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  7. Gupta, S., et al.: A light Weight Centralized File Monitoring Approach for Securing Files in Cloud Environment. In: Proc. of the 7th International Conference for Internet Technology and Secured Transactions (ICITST 2012), pp. 382–387. IEEE (2012)

    Google Scholar 

  8. Bloomerg, Attack on Sony Play station Network exploiting Amazon Cloud Services (2011), http://www.bloomberg.com/news/2011-05-15/sony-attack-shows-amazon-s-cloud-service-lureshackers-at-pennies-an-hour.html/

  9. Top Threats to Cloud Computing (2012), https://cloudsecurityalliance.org/research/top-threats/

  10. Jin, H., et al.: A VMM-based intrusion prevention system in cloud computing environment. The Journal of Supercomputing, 1–19 (2011)

    Google Scholar 

  11. Smallwood, D., Vance, A.: Intrusion analysis with deep packet inspection: Increasing efficiency of packet based investigations. In: 2011 International Conference on Proc. Cloud and Service Computing (CSC), pp. 342–347. IEEE (2011)

    Google Scholar 

  12. Chi-Chun, L., et al.: A Cooperative Intrusion Detection System Framework for Cloud Computing Networks. In: 2010 39th International Conference on Proc. Parallel Processing Workshops (ICPPW), pp. 280–284 (2010)

    Google Scholar 

  13. Roschke, S., et al.: Intrusion Detection in the Cloud. In: Eighth IEEE International Conference on Proc. Dependable, Autonomic and Secure Computing, DASC 2009, pp. 729–734 (2009)

    Google Scholar 

  14. Mazzariello, C., et al.: Integrating a network IDS into an open source Cloud Computing environment. In: 2010 Sixth International Conference on Proc. Information Assurance and Security (IAS), pp. 265–270 (2010)

    Google Scholar 

  15. Dhage, S.N., et al.: Intrusion detection system in cloud computing environment. International Journal of Cloud Computing 1(2), 261–282 (2012)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Electronics and Computer Enginnering, Indian Institute of Technology Roorkee, Roorkee, Uttarakhand, India, 247667

    Sanchika Gupta & Padam Kumar

Authors
  1. Sanchika Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Padam Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Indian Institute of Information Technology and Management, Technopark Campus, 695581, Trivandrum, Kerala, India

    Sabu M. Thampi

  2. Department of Applied Computer Science, The University of Winnipeg, 515 Portage Avenue, R3B 2E9, Winnipeg, MB, Canada

    Pradeep K. Atrey

  3. Electrical and Computer Science Engineering Building, National Sun Yat-sen University, Kaohsiung, Taiwan R.O.C.

    Chun-I Fan

  4. Facultad de Informatica, Campus de Espinardo, s/n, 30.100, Murcia, Spain

    Gregorio Martinez Perez

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gupta, S., Kumar, P. (2013). VM Profile Based Optimized Network Attack Pattern Detection Scheme for DDOS Attacks in Cloud. In: Thampi, S.M., Atrey, P.K., Fan, CI., Perez, G.M. (eds) Security in Computing and Communications. SSCC 2013. Communications in Computer and Information Science, vol 377. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40576-1_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-40576-1_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-40575-4

  • Online ISBN: 978-3-642-40576-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation