Abstract
Cloud computing is a well-known internet platform based technology that provides access to rented, remotely located and distributed IT resources such as computing infrastructure, storage, online web and utility application on a pay per usage model. As it is a widely used service by individual users to corporate organizations and contains valuable data and applications, it is known to be vulnerable to risks and threats such as network level threats, host level threats and virtualization layer vulnerabilities etc. However for counterattacking these vulnerabilities traditional defense measures exists but are not efficient, scalable and optimized to be used in cloud. The paper identifies the drawbacks in the current schemes used for handling network attacks (primarily DDOS) and provides a new direction in which the same level of security capabilities for network can be obtained with minimal expense of resources which is the prime requirement for any scheme for being applicable in cloud environment. The paper describes a prototype implementation of the concept with details of experimental setup and initial results.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Grance, P.M.A.T.: Effectively and Securely Using the Cloud Computing Paradigm, v0.25 (2009), http://csrc.nist.gov/organizations/fissea/2009-conference/presentations/fissea09-pmell-day3_cloud-computing.pdf
Brown, E.: NIST Issues Cloud Computing Guidelines for Managing Security and Privacy. National Institute of Standards and Technology Special Publication 800-144 (2012)
Susmita, H., et al.: Implementing private cloud at IIT Roorkee: an initial experience. Book Implementing private cloud at IIT Roorkee: an initial experience, Series Implementing private cloud at IIT Roorkee: an initial experience, pp. 453–458. ACM (2012)
Nist, S.P.: 800-53 Rev. 2. Recommended Security Controls for Federal Information Systems (2007)
Gupta, S., et al.: A secure and lightweight approach for critical data security in cloud. In: 2012 Fourth International Conference on Proc. Computational Aspects of Social Networks (CASoN), pp. 315–320. IEEE (2012)
Gupta, S., Horrow, S., Sardana, A.: A Hybrid Intrusion Detection Architecture for Defense against DDoS Attacks in Cloud Environment Contemporary Computing. In: Parashar, M., Kaushik, D., Rana, O.F., Samtaney, R., Yang, Y., Zomaya, A., et al. (eds.) IC3 2012. CCIS, vol. 306, pp. 498–499. Springer, Heidelberg (2012)
Gupta, S., et al.: A light Weight Centralized File Monitoring Approach for Securing Files in Cloud Environment. In: Proc. of the 7th International Conference for Internet Technology and Secured Transactions (ICITST 2012), pp. 382–387. IEEE (2012)
Bloomerg, Attack on Sony Play station Network exploiting Amazon Cloud Services (2011), http://www.bloomberg.com/news/2011-05-15/sony-attack-shows-amazon-s-cloud-service-lureshackers-at-pennies-an-hour.html/
Top Threats to Cloud Computing (2012), https://cloudsecurityalliance.org/research/top-threats/
Jin, H., et al.: A VMM-based intrusion prevention system in cloud computing environment. The Journal of Supercomputing, 1–19 (2011)
Smallwood, D., Vance, A.: Intrusion analysis with deep packet inspection: Increasing efficiency of packet based investigations. In: 2011 International Conference on Proc. Cloud and Service Computing (CSC), pp. 342–347. IEEE (2011)
Chi-Chun, L., et al.: A Cooperative Intrusion Detection System Framework for Cloud Computing Networks. In: 2010 39th International Conference on Proc. Parallel Processing Workshops (ICPPW), pp. 280–284 (2010)
Roschke, S., et al.: Intrusion Detection in the Cloud. In: Eighth IEEE International Conference on Proc. Dependable, Autonomic and Secure Computing, DASC 2009, pp. 729–734 (2009)
Mazzariello, C., et al.: Integrating a network IDS into an open source Cloud Computing environment. In: 2010 Sixth International Conference on Proc. Information Assurance and Security (IAS), pp. 265–270 (2010)
Dhage, S.N., et al.: Intrusion detection system in cloud computing environment. International Journal of Cloud Computing 1(2), 261–282 (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gupta, S., Kumar, P. (2013). VM Profile Based Optimized Network Attack Pattern Detection Scheme for DDOS Attacks in Cloud. In: Thampi, S.M., Atrey, P.K., Fan, CI., Perez, G.M. (eds) Security in Computing and Communications. SSCC 2013. Communications in Computer and Information Science, vol 377. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40576-1_25
Download citation
DOI: https://doi.org/10.1007/978-3-642-40576-1_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40575-4
Online ISBN: 978-3-642-40576-1
eBook Packages: Computer ScienceComputer Science (R0)