An anomaly-based framework for mitigating effects of DDoS attacks using a third party auditor in cloud computing environ


An anomaly-based framework for mitigating effects of DDoS attacks using a third party auditor in cloud computing environments

Sasha Mahdavi Hezavehi¹ • Rouhollah Rahmani²

Received: 23 October 2018 / Revised: 21 October 2019 / Accepted: 19 December 2019
© Springer Science+Business Media, LLC, part of Springer Nature 2020

Abstract

Today, the providers of cloud computing services are among the most prominent service suppliers worldwide. Availability of cloud services is one of the most important concerns of cloud service providers (CSPs) and cloud users (CUs). Distributed Denial of Service (DDoS) attacks are a common type of security issue that affects cloud services and, consequently, can lead to unavailability of the services. Therefore, reducing the effects of DDoS attacks helps CSPs to provide high quality services to CUs. In this paper, first, we propose an anomaly-based DDoS attack detection framework for cloud environments using a third party auditor (TPA). Second, we provide multiple basic assumptions and configurations of cloud environments for establishing simulation tests to evaluate our proposed framework. Then, we provide the results of the simulation tests to analyze the feasibility of our approach. Simulation results demonstrate that our method for detecting DDoS attacks in CSPs has the following advantages: efficiency, because of the low overhead of computations on CSPs for attack detection; rapidity, because a CSP is informed about an attack in a short time relative to the maximum valid response time defined in a service level agreement (SLA); and precision, through no false positive detection as well as a low rate of false negative detection, which is < 2% of all scenarios of the simulation tests. Finally, we present a table to compare the characteristics of our framework with others in the literature.

Keywords DDoS attacks · DDoS mitigation · Anomaly detection · Third party auditor · Framework · Cloud computing

✉ Sasha Mahdavi Hezavehi [email protected]

¹ Islamic Azad University Science and Research Branch, Tehran, Iran
² DigikalaNEXT, Tehran, Iran

1 Introduction

Today, computing as a service is one of the most prominent and popular types of services worldwide. Given the variety of cloud services, the use of cloud services is growing rapidly. Cloud users (CUs), who are individuals or enterprises, put their data on public, private, or hybrid clouds to reduce maintenance costs and responsibilities. Moreover, CUs use cloud services without knowing the location of their outsourced data and applications. Therefore, CUs have concerns about their personal data in terms of data loss and leakage, as these issues can jeopardize the privacy and confidentiality of CUs. Developers of cloud environments encounter different challenges, and security is ranked as the first and greatest challenge of these environments [1]. As Hutchings et al. state in a report, ICT professionals believe that the top two cloud threats are: data loss and leakage (73.5%