Collaborative 'many to many' DDoS detection in cloud

Cloud computing provides a scalable and cost-effective environment for users to store and process data through the internet. However, it also gives rise to distributed denial-of-service (DDoS) attacks. DDoS attacks risk system outages and aim to deny service to legitimate users. Because these attacks are large-scale and coordinated, in this paper we propose a collaborative prediction approach for detecting DDoS. Our approach provides a clean and direct solution to attack defense. DDoS attacks follow certain patterns when they employ a large number of compromised machines to request service from the servers in the victim system. We therefore construct an attacker-server utility matrix from the number of packets and adopt matrix factorisation to detect potential attackers collaboratively. We derive the latent attacker vectors and latent server vectors to predict the unknown entries in the matrix. Experimental results on the NS-2 simulation networks demonstrate the superiority of our approach.
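The following sketch is an added illustration of the attacker-server utility matrix and its factorisation, not code from the paper. The packet counts are constructed, and the SGD fit with L2 regularisation, the hyperparameters, the function names and the flagging threshold are all assumptions made for the example.

```python
import random

# Constructed sample: packets per window from 6 sources (rows) to 4 servers
# (columns). None marks a (source, server) pair with no measurement yet.
COUNTS = [
    [9000, None, 7200, 9100],
    [10000, 9000, 8100, 9800],
    [8000, 7300, 6300, None],
    [1000, 880, 810, 1020],
    [None, 450, 400, 510],
    [800, 700, None, 790],
]

def factorise(counts, k=2, lr=0.05, reg=0.01, epochs=3000, seed=7):
    """Fit latent source vectors P and server vectors Q on observed cells (SGD)."""
    scale = max(v for row in counts for v in row if v is not None)
    cells = [(i, j, v / scale) for i, row in enumerate(counts)
             for j, v in enumerate(row) if v is not None]
    rng = random.Random(seed)
    P = [[rng.uniform(0.1, 0.5) for _ in range(k)] for _ in counts]
    Q = [[rng.uniform(0.1, 0.5) for _ in range(k)] for _ in counts[0]]
    for _ in range(epochs):
        rng.shuffle(cells)
        for i, j, r in cells:
            err = r - sum(p * q for p, q in zip(P[i], Q[j]))
            for f in range(k):
                p, q = P[i][f], Q[j][f]
                P[i][f] += lr * (err * q - reg * p)
                Q[j][f] += lr * (err * p - reg * q)
    return P, Q, scale

def predict_unknown(counts, P, Q, scale):
    """Predicted packet count for every unobserved (source, server) pair."""
    return {(i, j): scale * sum(p * q for p, q in zip(P[i], Q[j]))
            for i, row in enumerate(counts)
            for j, v in enumerate(row) if v is None}

def flag_sources(predicted, threshold):
    """Sources whose predicted load exceeds the assumed per-window threshold."""
    return sorted({i for (i, _), v in predicted.items() if v > threshold})

if __name__ == "__main__":
    P, Q, scale = factorise(COUNTS)
    predicted = predict_unknown(COUNTS, P, Q, scale)
    for (i, j), v in sorted(predicted.items()):
        print(f"source {i} -> server {j}: ~{v:.0f} packets")
    print("flagged:", flag_sources(predicted, threshold=4000))
```

Because every source shares the same server vectors, a server with no measurement for a given source still receives a prediction informed by what the other servers observed, which is the collaborative part of the approach.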
