Mitigating Economic Denial of Sustainability Attacks to Secure Cloud Computing Environments
DOI:
https://doi.org/10.14738/tmlai.54.3220Keywords:
component, Security, Cloud Computing, DDoS attack, EDoS attack, MitigationAbstract
In cloud computing environment where the infrastructure is shared by millions of users, attackers have the opportunity to ensure more damage to the compromised resources. The main aim of such attacks is to saturate and overload the system network through a massive data packets size flooding toward a victim server and to block the service to customers. The Distributed Denial-of-service (DDoS) attack is considered one of the largest threats to the Quality of Service (QoS) of cloud services which is used to deny access for legitimate users of an online service. However, Economic Denial of Sustainability (EDoS) attack is a special breed of DDoS attack that attack exploits auto scaling feature of cloud. The Cloud Service Provider (CSP) scales the architecture automatically to serve those requests for which cloud consumer is charged. A consumer expects a sustainable profit after hosting his application on cloud. The attacker purpose is to guarantee the service unavailability and maximize the financial loss costs by increasing the cost and decreasing the profit. Hence, in this paper we propose a novel mitigation system against the EDoS attacks. Our system consists of source Checking, Counting, and Turing Test. The obtained simulation results show that our system works efficiently to mitigate the EDoS attack in cloud environment.
References
(1) Shawish and M. Salama, “Cloud computing: paradigms and technologies,” in Inter-cooperative Collective Intelligence: Techniques and Applications. Springer, 2014, pp. 39–67.
(2) P. Mell and T. Grance, “The nist definition of cloud computing,” 2011.
(3) M. Hanini and S. El Kafhali, “Cloud computing performance evaluation under dynamic resource utilization and traffic control,” in ACM Second International conference on Big Data, Cloud and Applications (BDCA17). ACM, 2017.
(4) S. K. Garg, S. Versteeg, and R. Buyya, “A framework for ranking of cloud computing services,” Future Generation Computer Systems, vol. 29, no. 4, pp. 1012–1023, 2013.
(5) S. El Kafhali and K. Salah, “Stochastic modelling and analysis of cloud computing data center,” in 20th ICIN Conference Innovations in Clouds, Internet and Networks. IEEE, 2017, pp. 122–126.
(6) M. T. Khorshed, A. S. Ali, and S. A. Wasimi, “A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing,” Future Generation computer systems, vol. 28, no. 6, pp. 833–851, 2012.
(7) O. Osanaiye, K.-K. R. Choo, and M. Dlodlo, “Distributed denial of service (ddos) resilience in cloud: review and conceptual cloud ddos mitigation framework,” Journal of Network and Computer Applications, vol. 67, pp. 147–165, 2016.
(8) E. Alomari, S. Manickam, B. Gupta, M. Anbar, R. M. Saad, and S. Alsaleem, “A survey of botnet-based ddos flooding attacks of application layer: Detection and mitigation approaches,” in Handbook of Research on Modern Cryptographic Solutions for Computer and Cyber Security. IGI Global, 2016, pp. 52–79.
(9) G. Somani, M. S. Gaur, D. Sanghi, and M. Conti, “Ddos attacks in cloud computing: collateral damage to non-targets,” Computer Networks, vol. 109, pp. 157–171, 2016.
(10) M. Ficco and M. Rak, “Economic denial of sustainability mitigation in cloud computing,” in Organizational Innovation and Change. Springer, 2016, pp. 229–238.
(11) N. Z. Bawany, J. A. Shamsi, and K. Salah, “Ddos attack
detection and mitigation using sdn: Methods, practices, and solutions,” Arabian Journal for Science and Engineering, vol. 42, no. 2, pp. 425–441, 2017.
(12) N. Agrawal and S. Tapaswi, “Defense schemes for variants of distributed denial-of-service (ddos) attacks in cloud computing: A survey,” Information Security Journal: A Global Perspective, pp. 1–13, 2017.
(13) M. Masood, Z. Anwar, S. A. Raza, and M. A. Hur, “Edos armor: a cost effective economic denial of sustainability attack mitigation framework for e-commerce applications in cloud environments,” in 2013 16th International Multi Topic Conference (INMIC), IEEE, 2013, pp. 37–42.
(14) R. P. Kumar, J. Babu, T. Gunasekhar, and S. B. Bhushan, “Mitigating application ddos attacks using random port hopping technique,” International Journal of Emerging Research in Management &Technology, vol. 4, no. 1, pp. 1–4, 2015.
(15) A. CloudWatch, “Amazon cloudwatch,” 2014.
(16) I. EL Mir, D. S. Kim, and A. Haqiq, “Towards a stochastic model for integrated detection and filtering of dos attacks in cloud environments,” in ACM Second International conference on Big Data, Cloud and Applications (BDCA17). ACM, 2017.
(17) M. N. Kumar, P. Sujatha, V. Kalva, R. Nagori, A. K. Katukojwala, and M. Kumar, “Mitigating economic denial of sustainability (edos) in cloud computing using in-cloud scrubber service,” in 2012 Fourth International Conference on
Computational Intelligence and Communication Networks (CICN).
IEEE, 2012, pp. 535–539.
(18) A. Koduru, T. Neelakantam, and S. M. S. Bhanu, “Detection of economic denial of sustainability using time spent on a web page in cloud,” in 2013 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM). IEEE, 2013, pp. 1–4.
(19) L. Von Ahn, M. Blum, N. J. Hopper, and J. Langford, “Captcha: Using hard ai problems for security,” in International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 2003, pp. 294–311.
(20) R. Datta, J. Li, and J. Z. Wang, “Imagination: a robust image-based captcha generation system,” in Proceedings of the 13th annual ACM international conference on Multimedia. ACM, 2005, pp. 331–334.
(21) A. Gupta, A. Jain, A. Raj, and A. Jain, “sequenced tagged captcha: generation and its analysis,” in IEEE International Advance Computing Conference, 2009. IACC 2009. IEEE, 2009, pp. 1286–1291.
(22) M. H. Sqalli, F. Al-Haidari, and K. Salah, “Edos-shield-a two-steps mitigation technique against edos attacks in cloud computing,” in 2011 Fourth IEEE International Conference on Utility and Cloud Computing (UCC). IEEE, 2011, pp. 49–56.
