Multi-Aspect DDOS Detection System for Securing Cloud Network

Distributed Denial of Service (DDoS) attacks have become a serious attack for internet security and Cloud Computing environment. This kind of attacks is the most complex form of DoS (Denial of Service) attacks. This type of attack can simply duplicate its source address, such as spoofing attack, which defending methods do not able to disguises the real location of the attack. Therefore, DDoS attack is the most significant challenge for network. In this chapter we present different aspect of security in Cloud Computing, mostly we concentrated on DDOS Attacks. The Authors illustrated all types of Dos Attacks and discussed the most effective detection methods.

[1]  P. Varalakshmi,et al.  Thwarting DDoS attacks in grid using information divergence , 2013, Future Gener. Comput. Syst..

[2]  Yong Meng Teo,et al.  Dynamic Resource Pricing on Federated Clouds , 2010, 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing.

[3]  Pankaj Deep Kaur,et al.  A Review of Load Balancing in Cloud Computing , 2015 .

[4]  Kannan Govindarajan,et al.  DDoS defense system for web services in a cloud environment , 2014, Future Gener. Comput. Syst..

[5]  Xu Qin,et al.  A Distributed Intrusion Detection System against flooding Denial of Services attacks , 2011, 13th International Conference on Advanced Communication Technology (ICACT2011).

[6]  Aditya Ashok,et al.  Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid , 2013, IEEE Transactions on Smart Grid.

[7]  Jinjun Chen,et al.  A confidence-based filtering method for DDoS attack defense in cloud environment , 2013, Future Gener. Comput. Syst..

[8]  Paul Ferguson,et al.  Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , 1998, RFC.

[9]  S. Selvakumar,et al.  Distributed denial of service attack detection using an ensemble of neural classifier , 2011, Comput. Commun..

[10]  Pourya Shamsolmoali,et al.  C2DF: High Rate DDOS filtering method in Cloud Computing , 2014 .

[11]  Swaprava Nath,et al.  Theory and algorithms for hop-count-based localization with random geometric graph models of dense sensor networks , 2012, TOSN.

[12]  S. Selvakumar,et al.  M2KMIX: Identifying the Type of High Rate Flooding Attacks using a Mixture of Expert Systems , 2012 .

[13]  Abdelkader H. Ouda,et al.  Cloud-based DDoS attacks and defenses , 2013, International Conference on Information Society (i-Society 2013).

[14]  Xia Chun-Tao,et al.  An Algorithm of Detecting and Defending CC Attack in Real Time , 2012, 2012 International Conference on Industrial Control and Electronics Engineering.

[15]  Won Kim,et al.  The dark side of the Internet: Attacks, costs and responses , 2011, Inf. Syst..

[16]  Craig Partridge,et al.  Hash-based IP traceback , 2001, SIGCOMM.

[17]  Ruby B. Lee,et al.  Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures , 2004, PDCS.

[18]  Aman Bakshi,et al.  Securing Cloud from DDOS Attacks Using Intrusion Detection System in Virtual Machine , 2010, 2010 Second International Conference on Communication Software and Networks.

[19]  Wanlei Zhou,et al.  Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks , 2011, J. Netw. Comput. Appl..

[20]  Aikaterini Mitrokotsa,et al.  DDoS attacks and defense mechanisms: classification and state-of-the-art , 2004, Comput. Networks.

[21]  Shaila R Ghanti PROTECTION OF SERVER FROM SYN FLOOD ATTACK , 2014 .

[22]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[23]  Kotagiri Ramamohanarao,et al.  Survey of network-based defense mechanisms countering the DoS and DDoS problems , 2007, CSUR.

[24]  Sanjay Goel,et al.  Anonymity vs. Security: The Right Balance for the Smart Grid , 2015, Commun. Assoc. Inf. Syst..

[25]  Sugata Sanyal,et al.  A Survey on Security Issues in Cloud Computing , 2011, 1109.5388.

[26]  Alina Madalina Lonea,et al.  Detecting DDoS Attacks in Cloud Computing Environment , 2012, Int. J. Comput. Commun. Control.

[27]  Nei Kato,et al.  An early warning system against malicious activities for smart grid communications , 2011, IEEE Network.

[28]  Heejo Lee,et al.  On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets , 2001, SIGCOMM 2001.

[29]  Aikaterini Mitrokotsa,et al.  Denial‐of‐Service Attacks , 2007 .

[30]  Muttukrishnan Rajarajan,et al.  A survey of intrusion detection techniques in Cloud , 2013, J. Netw. Comput. Appl..

[31]  A. L. Narasimha Reddy,et al.  Statistical techniques for detecting traffic anomalies through packet header data , 2008, TNET.

[32]  Richard J. Gibbens,et al.  Resource pricing and the evolution of congestion control , 1999, at - Automatisierungstechnik.

[33]  Hai Jin,et al.  A VMM-based intrusion prevention system in cloud computing environment , 2013, The Journal of Supercomputing.

[34]  Bill Cheswick,et al.  Tracing Anonymous Packets to Their Approximate Source , 2000, LISA.

[35]  R. Anitha,et al.  Demystifying and Rate Limiting ICMP hosted DoS/DDoS Flooding Attacks with Attack Productivity Analysis , 2009, 2009 IEEE International Advance Computing Conference.

[36]  Chi-Chun Lo,et al.  A Cooperative Intrusion Detection System Framework for Cloud Computing Networks , 2010, 2010 39th International Conference on Parallel Processing Workshops.

[37]  Nitu Mehta,et al.  Data Mining Techniques: A Tool For Knowledge Management System In Agriculture , 2012 .

[38]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[39]  A. Khiyaita,et al.  Load balancing cloud computing: State of art , 2012, 2012 National Days of Network Security and Systems.

[40]  Ratul Mahajan,et al.  Controlling high bandwidth aggregates in the network , 2002, CCRV.

[41]  Peter Reiher,et al.  A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[42]  Thanvarat Komviriyavut,et al.  Network intrusion detection and classification with Decision Tree and rule based approaches , 2009, 2009 9th International Symposium on Communications and Information Technology.

[43]  George Kesidis,et al.  Denial-of-service attack-detection techniques , 2006, IEEE Internet Computing.

[44]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[45]  Nathalie Weiler,et al.  Honeypots for distributed denial-of-service attacks , 2002, Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[46]  Stefan Katzenbeisser,et al.  Fast dynamic extracted honeypots in cloud computing , 2012, CCSW '12.

[47]  A. D. Gawande,et al.  INTRUSION DETECTION SYSTEM FOR CLOUD COMPUTING , 2012 .

[48]  S. Selvakumar,et al.  Detection of distributed denial of service attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems , 2013, Comput. Commun..

[49]  Antonio Nucci,et al.  Robust and efficient detection of DDoS attacks for large-scale internet , 2007, Comput. Networks.

[50]  Akihiro Nakao,et al.  OverCourt: DDoS mitigation through credit-based traffic segregation and path migration , 2010, Comput. Commun..

[51]  Mihui Kim,et al.  Intrusion Detection of NSM Based DoS Attacks Using Data Mining in Smart Grid , 2012 .

[52]  A. Taleb-Bendiab,et al.  A Comparative Study into Distributed Load Balancing Algorithms for Cloud Computing , 2010, 2010 IEEE 24th International Conference on Advanced Information Networking and Applications Workshops.

[53]  A. B. M. Shawkat Ali,et al.  A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing , 2012, Future Gener. Comput. Syst..

[54]  Anna R. Karlin,et al.  Network support for IP traceback , 2001, TNET.

[55]  Ming Li,et al.  An Adaptive Approach for Defending against DDoS Attacks , 2010 .

[56]  Jugal K. Kalita,et al.  Detecting Distributed Denial of Service Attacks: Methods, Tools and Future Directions , 2014, Comput. J..

[57]  S. Vasanthi,et al.  A study on network intrusion detection and prevention system current status and challenging issues , 2011, ARTCom 2011.