Enhanced CBF Packet Filtering Method to Detect DDoS Attack in Cloud Computing Environment

Tremendous and extraordinary growths in the field of internet, intranet, extranet and its users have developed an innovative era of great global competition and contention. Denial of service attack by multiple nodes is accomplished of disturbing the services of rival servers. The attack can be for multiple reasons. So it is a major threat for cloud environment. Due to low effectiveness and large storage conventional defending approaches cannot be easily applied in cloud security. The effects of various attacks can decrease the influence of a cloud. So, in view of this challenge task, this paper aims at enhancing a proposed method for cloud security. We propose a modification to the confidence Based Filtering method (CBF) which is investigated for cloud computing environment based on correlation pattern to mitigate DDoS attacks on Cloud. The modification introduces nominal additional bandwidth and tries to increase the processing speed of the victim initiated server.

[1]  A. B. M. Shawkat Ali,et al.  Above the Trust and Security in Cloud Computing: A Notion Towards Innovation , 2010, 2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing.

[2]  H. Jonathan Chao,et al.  PacketScore: a statistics-based packet filtering scheme against distributed denial-of-service attacks , 2006, IEEE Transactions on Dependable and Secure Computing.

[3]  B. B. Gupta,et al.  FVBA: A combined statistical approach for low rate degrading and high bandwidth disruptive DDoS attacks detection in ISP domain , 2008, 2008 16th IEEE International Conference on Networks.

[4]  H. Jonathan Chao,et al.  ALPi: A DDoS Defense System for High-Speed Networks , 2006, IEEE Journal on Selected Areas in Communications.

[5]  Brij B. Gupta,et al.  A Recent Survey on DDoS Attacks and Defense Mechanisms , 2011 .

[6]  Esraa Alomari,et al.  Botnet-based Distributed Denial of Service (DDoS) Attacks on Web Servers: Classification and Art , 2012, ArXiv.

[7]  Wanlei Zhou,et al.  Chaos theory based detection against network mimicking DDoS attacks , 2009, IEEE Communications Letters.

[8]  M Hasan Islam,et al.  Cloud computing security auditing , 2011, The 2nd International Conference on Next Generation Information Technology.

[9]  Wanlei Zhou,et al.  Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics , 2011, IEEE Transactions on Information Forensics and Security.

[10]  B. B. Gupta,et al.  A Comparative Study of Distributed Denial of Service Attacks, Intrusion Tolerance and Mitigation Techniques , 2011, 2011 European Intelligence and Security Informatics Conference.

[11]  B. B. Gupta,et al.  Defending against Distributed Denial of Service Attacks: Issues and Challenges , 2009, Inf. Secur. J. A Glob. Perspect..

[12]  Shui Yu,et al.  CBF: A Packet Filtering Method for DDoS Attack Defense in Cloud Environment , 2011, 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing.

[13]  Cheng Jin,et al.  Defense Against Spoofed IP Traffic Using Hop-Count Filtering , 2007, IEEE/ACM Transactions on Networking.