Distributed Denial of Service attack on cloud: Detection and prevention

Cloud computing is a distributive and scalable computing architecture. It provides sharing of data and other resources which are accessible from any part of the world for a very low cost. However, Security is one major concern for such computing environment. Distributed Denial of Service (DDoS) is an attack that consumes all the cloud resources may have making it unavailable to other general users. This paper identifies characteristics of DDoS attack and provides an Intrusion Detection System (IDS) tool based on Snort to detect DDoS. The proposed tool will alert the network administrator regarding any attack for any possible resources and the nature of the attack. Also, it suspends the attacker for some time to allow the network admin to implement a fall back plan. As Snort is an open source system, modifying different parameters of the system showed a significant aid in not only detection of DDoS, but also reduction the time for the down time of the network. The proposed tool helps minimize the effect of DDoS by detecting the attack at very early stage and by altering with various parameters which facilitates easy diagnose of the problem.

[1]  Pawan Prakash,et al.  Improving security for data migration in cloud computing using randomized encryption technique , 2013 .

[2]  Mahdi Aiash,et al.  Secure Live Virtual Machines Migration: Issues and Solutions , 2014, 2014 28th International Conference on Advanced Information Networking and Applications Workshops.

[3]  Bernhard Plattner,et al.  Network anomaly detection in the cloud: The challenges of virtual service migration , 2014, 2014 IEEE International Conference on Communications (ICC).

[4]  Arun Katara,et al.  Inter-cloud Data Transfer Security , 2014, 2014 Fourth International Conference on Communication Systems and Network Technologies.

[5]  Guy Pujolle,et al.  Reducing DDoS attacks impact using a hybrid cloud-based firewalling architecture , 2014, 2014 Global Information Infrastructure and Networking Symposium (GIIS).

[6]  Mohamed Batouche,et al.  Security problems in cloud infrastructure , 2014, The 2014 International Symposium on Networks, Computers and Communications.

[7]  Hassan Zaki,et al.  SECURITY ISSUES IN CLOUD COMPUTING AND COUNTERMEASURES , 2011 .

[8]  Saeed Amirgholipour,et al.  Availability Challenge of Cloud System under DDOS Attack , 2012 .

[9]  Shawish Ahmed,et al.  A QoS-Oriented Inter-cloud Federation Framework , 2014, 2014 IEEE 38th Annual Computer Software and Applications Conference.