A multilevel thrust filtration defending mechanism against DDoS attacks in cloud computing environment

Cloud computing is a technology which not only gained advantages from ascendant technologies, but also suffered from its security breaches, of which availability is the most serious security issue. Distributed Denial of Service (DDoS) is a kind of resource-availability-related attack launched with the aim of subverting the Data Centre (DC) for resource unavailability to the legitimate clients. In this paper, we propose 'Multilevel Thrust Filtration (MTF) mechanism' as a solution, which authenticates the incoming requesters and detects the different types of DDoS attacks at different levels to detect the most intensive attack at an early stage to prevent the unnecessary traffic reaching the DC. A hybrid solution is proposed to detect four different kinds of attacks that have been taken into consideration. Profit analysis proved that the proposed mechanism is deployable at an attack-prone DC for resource protection, which would eventually result in beneficial service at slenderised revenue.

[1]  Shui Yu,et al.  CBF: A Packet Filtering Method for DDoS Attack Defense in Cloud Environment , 2011, 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing.

[2]  N. Jeyanthi,et al.  An Enhanced Entropy Approach to Detect and Prevent DDoS in Cloud Environment , 2013, Int. J. Commun. Networks Inf. Secur..

[3]  S. Selvakumar,et al.  Distributed denial of service attack detection using an ensemble of neural classifier , 2011, Comput. Commun..

[4]  Lech J. Janczewski Handling Distributed Denial-of-Service Attacks , 2001, Inf. Secur. Tech. Rep..

[5]  Farzad Sabahi,et al.  Cloud computing security threats and responses , 2011, 2011 IEEE 3rd International Conference on Communication Software and Networks.

[6]  Piotr Grabowski,et al.  On-demand software licence provisioning in grid and cloud computing , 2013, Int. J. Grid Util. Comput..

[7]  N. Jeyanthi,et al.  Packet Resonance Strategy: A Spoof Attack Detection and Prevention Mechanism in Cloud Computing Environment , 2012, Int. J. Commun. Networks Inf. Secur..

[8]  Dezhi Han,et al.  The study and design on secure-cloud storage system , 2011, 2011 International Conference on Electrical and Control Engineering.

[9]  Aad P. A. van Moorsel,et al.  Dependability in the cloud: Challenges and opportunities , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[10]  Khaled Salah,et al.  EDoS-Shield - A Two-Steps Mitigation Technique against EDoS Attacks in Cloud Computing , 2011, 2011 Fourth IEEE International Conference on Utility and Cloud Computing.

[11]  Akihiro Nakao,et al.  DDoS defense as a network service , 2010, 2010 IEEE Network Operations and Management Symposium - NOMS 2010.

[12]  Akihiro Nakao,et al.  OverCourt: DDoS mitigation through credit-based traffic segregation and path migration , 2010, Comput. Commun..

[13]  Chi-Chun Lo,et al.  A Cooperative Intrusion Detection System Framework for Cloud Computing Networks , 2010, 2010 39th International Conference on Parallel Processing Workshops.

[14]  P. Varalakshmi,et al.  Thwarting DDoS attacks in grid using information divergence , 2013, Future Gener. Comput. Syst..

[15]  Sergio Nesmachnow,et al.  Multiobjective grid scheduling using a domain decomposition based parallel micro evolutionary algorithm , 2013, Int. J. Grid Util. Comput..

[16]  Rakesh Kumar Jha,et al.  A performance Comparison with cost for QoS Application in On-Demand Cloud Computing , 2011, 2011 IEEE Recent Advances in Intelligent Computational Systems.

[17]  Jun-jie Wang,et al.  Security issues and countermeasures in cloud computing , 2011, Proceedings of 2011 IEEE International Conference on Grey Systems and Intelligent Services.

[18]  B. Joshi,et al.  Securing cloud computing environment against DDoS attacks , 2012, 2012 International Conference on Computer Communication and Informatics.

[19]  Shigang Chen,et al.  AID: A global anti-DoS service , 2007, Comput. Networks.