A Lightweight Approach to Detect the Low/High Rate IP Spoofed Cloud DDoS Attacks

In cloud computing, broadly two facets of Distributed Denial-of-Service (DDoS) attack exist. The attacker uses Internet Protocol (IP) spoofing technique for launching the DDoS attack to disguise the source's identity. Consequently, its detection becomes a crucial and challenging task. The objective of the paper is to propose an adaptive and lightweight approach which can detect the low and high rate spoofed DDoS attack traffic accurately. The approach is implemented in a closed cloud environment. The experimental results showed that the approach can effectively detect internal and external low/high rate spoofed DDoS attacks with 99.3% accuracy and provides better performance.

[1]  Nirwan Ansari,et al.  Is it congestion or a DDoS attack? , 2009, IEEE Communications Letters.

[2]  Shashikala Tapaswi,et al.  Defense schemes for variants of distributed denial-of-service (DDoS) attacks in cloud computing: A survey , 2017, Inf. Secur. J. A Glob. Perspect..

[3]  Wanlei Zhou,et al.  Chaos theory based detection against network mimicking DDoS attacks , 2009, IEEE Communications Letters.

[4]  Wei Chen,et al.  Defending Against TCP SYN Flooding Attacks Under Different Types of IP Spoofing , 2006, International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies (ICNICONSMCL'06).

[5]  Mqhele E. Dlodlo,et al.  TCP/IP header classification for detecting spoofed DDoS attack in Cloud environment , 2015, IEEE EUROCON 2015 - International Conference on Computer as a Tool (EUROCON).

[6]  Choong Seon Hong,et al.  Defense technique against spoofing attacks using reliable ARP table in cloud computing environment , 2015, 2015 17th Asia-Pacific Network Operations and Management Symposium (APNOMS).

[7]  N. Jeyanthi,et al.  Detection of distributed denial of service attacks in cloud computing by identifying spoofed IP , 2013, Int. J. Commun. Networks Distributed Syst..

[8]  Jianping Yin,et al.  RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks , 2009, 2009 9th International Symposium on Communications and Information Technology.

[9]  Jian Zhang,et al.  A Hadoop Based Analysis and Detection Model for IP Spoofing Typed DDoS Attack , 2016, 2016 IEEE Trustcom/BigDataSE/ISPA.

[10]  Biswanath Mukherjee,et al.  A Survey on Resiliency Techniques in Cloud Computing Infrastructures and Applications , 2016, IEEE Communications Surveys & Tutorials.

[11]  Jun Li,et al.  On the state of IP spoofing defense , 2009, TOIT.

[12]  Shiuh-Pyng Shieh,et al.  Defending against spoofed DDoS attacks with path fingerprint , 2005, Comput. Secur..

[13]  B. B. Gupta,et al.  Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a Cloud computing environment , 2017, Neural Computing and Applications.

[14]  Jie Xu,et al.  On a Mathematical Model for Low-Rate Shrew DDoS , 2014, IEEE Transactions on Information Forensics and Security.

[15]  Kim-Kwang Raymond Choo,et al.  Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework , 2016, J. Netw. Comput. Appl..

[16]  J. K. Kalita,et al.  Botnet in DDoS Attacks: Trends and Challenges , 2015, IEEE Communications Surveys & Tutorials.

[17]  Kang G. Shin,et al.  Defense Against Spoofed IP Traffic Using Hop-Count Filtering , 2007, IEEE/ACM Transactions on Networking.

[18]  Dawn Xiaodong Song,et al.  StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense , 2006, IEEE Journal on Selected Areas in Communications.

[19]  Neminath Hubballi,et al.  An event based technique for detecting spoofed IP packets , 2017, J. Inf. Secur. Appl..

[20]  Muttukrishnan Rajarajan,et al.  Combating DDoS Attacks in the Cloud: Requirements, Trends, and Future Directions , 2017, IEEE Cloud Computing.

[21]  Akihiro Nakao,et al.  Mantlet Trilogy: DDoS Defense Deployable with Innovative Anti-Spoofing, Attack Detection and Mitigation , 2010, 2010 Proceedings of 19th International Conference on Computer Communications and Networks.