International Journal of Application or Innovation in Engineering & Management (IJAIEM)

Web Site: www.ijaiem.org Email: editor@ijaiem.org


Volume 4, Issue 11, November 2015

ISSN 2319 - 4847

Defending DDOS Attacks in Cloud Computing Environment: A Survey

B. Kiranmai1, A. Damodaram2

1 Assoc. Prof. in CSE, KMIT, Narayanguda, Hyderabad
2 Professor, Vice-Chancellor, S.V. University, Tirupati, A.P.

ABSTRACT
Cloud computing is an emerging technology on which our present and future depend. At present, most
businesses have shifted their computing paradigm to cloud computing. The advantages of cloud computing are enormous,
but at the same time it is vulnerable to different kinds of attacks (from insiders as well as outsiders). This paper summarizes
various techniques to defend against DDOS attacks in cloud computing.

Keywords: Cloud Computing, DDOS attacks, Intrusion Detection System

1. INTRODUCTION TO CLOUD COMPUTING[1]


Cloud computing is a distributed computing environment that centers on sharing computations or
resources. In fact, clouds are Internet-based, and cloud computing tries to hide complexity from customers. Cloud
computing refers to both the applications delivered as services over the Internet and the hardware and
software in the datacenters that provide those services.
Cloud providers use virtualization technologies combined with self-service capabilities for computing resources through network
infrastructure. In cloud environments, several kinds of virtual machines are hosted on the same physical server as infrastructure.
In the cloud, customers pay only for what they use and do not have to pay for local resources they need, such as
storage or infrastructure. Nowadays, we have three types of cloud environments: public, private, and hybrid clouds.
A public cloud is the standard model, in which providers make several resources, such as applications and storage, available to
the public. Public cloud services may be free or not. In public clouds, applications are run externally by
large service providers, which offers some benefits over private clouds. A private cloud refers to internal services of a
business that are not available to ordinary people.
Essentially, "private cloud" is a marketing term for an architecture that provides hosted services to a particular group of
people behind a firewall.
A hybrid cloud is an environment in which a company provides and controls some resources internally and has some others
for public use. It is thus a combination of private and public clouds. In this type, the cloud
provider has a service with a private cloud part, which is accessible only by certified staff and protected by firewalls from
outside access, and a public cloud environment, which external users can access.
There are some issues regarding cloud computing:
Availability Management
Security
Monitoring
Configuration management
Counter Measure

2. INTRODUCTION TO INTRUSION DETECTION SYSTEM [2]


Intrusion Detection Systems help information systems prepare for, and deal with, attacks. They accomplish this by
collecting information from a variety of systems and network sources, and then analyzing the information for
possible security problems.
Intrusion detection provides the following:
1) Monitoring and analysis of user and system activity
2) Auditing of system configurations and vulnerabilities
3) Assessing the integrity of critical system and data files
4) Statistical analysis of activity patterns based on the matching to known attacks
5) Abnormal activity analysis
6) Operating system audit

There are three main components to the Intrusion detection system:


Network Intrusion Detection System (NIDS) performs an analysis of passing traffic on the entire subnet.
It works in promiscuous mode and matches the traffic that is passed on the subnets to the library of known attacks.
Once an attack is identified, or abnormal behavior is sensed, an alert can be sent to the administrator. An example of
a NIDS would be installing it on the subnet where your firewalls are located in order to see if someone is trying to
break into your firewall.
Network Node Intrusion Detection System (NNIDS) performs the analysis of the traffic that is passed from the
network to a specific host. The difference between NIDS and NNIDS is that the traffic is monitored on a single
host only and not for the entire subnet. An example of the NNIDS would be installing it on a VPN device to
examine the traffic once it has been decrypted. This way you can see if someone is trying to break into your VPN device.
Host Intrusion Detection System (HIDS) takes a snapshot of your existing system files and matches it to the
previous snapshot. If critical system files were modified or deleted, an alert is sent to the administrator to
investigate. The example of the HIDS can be seen on the mission critical machines, that are not expected .

3. ATTACKS IN CLOUD [3]-[8]


Some of the attacks that are possible in a cloud environment, and their consequences:
1) DoS and DDOS attacks: This kind of attack prevents cloud users from accessing the service.
2) TCP hijacking: In this type of attack the connection is hijacked by the intruder.
3) DNS attacks: In this type of access attack the intruder gains more privilege than usual.
4) Eavesdropping attacks: This type of attack modifies or adds a new packet.
5) Deep packet inspection: In this type of attack a malicious intruder accesses the network for information.

4. EXISTING WORK TO DEFEND DDOS ATTACKS IN CLOUD ENVIRONMENT


Some of the techniques to defend DDoS attacks are discussed here.
4.1 Integrating Signature based Apriori based Network Intrusion in Cloud Computing[4]
Chirag N. Modi et al. presented an approach to reduce the impact of network attacks. Attacks can be known
or unknown. SNORT is used to identify known attacks, and unknown attacks are identified using a frequent-itemset
Apriori-based algorithm. An attack is considered based on minimum threshold and support. The authors implemented it
in a Linux environment, and it can be deployed in a centralized or a distributed environment.
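
The Apriori stage described above, as an added example (not code from the surveyed paper or from this survey's authors). The feature encoding, the sample packets and the idea of treating the maximal frequent itemsets as candidate signatures are assumptions made for illustration.

```python
from itertools import combinations

def apriori(transactions, min_support):
    """Return {itemset: support} for every itemset whose support (fraction
    of transactions that contain it) is at least min_support."""
    tx = [frozenset(t) for t in transactions]
    n = len(tx)
    candidates = {frozenset([item]) for t in tx for item in t}
    frequent, k = {}, 1
    while candidates:
        level = {}
        for c in candidates:
            support = sum(1 for t in tx if c <= t) / n
            if support >= min_support:
                level[c] = support
        frequent.update(level)
        # Join frequent k-itemsets into (k+1)-candidates and prune any whose
        # k-subsets are not all frequent (the Apriori property).
        k += 1
        candidates = set()
        for a, b in combinations(level, 2):
            u = a | b
            if len(u) == k and all(frozenset(s) in level
                                   for s in combinations(u, k - 1)):
                candidates.add(u)
    return frequent

def candidate_signatures(frequent, min_len=3):
    """Maximal frequent itemsets with at least min_len features."""
    big = [s for s in frequent if len(s) >= min_len]
    return [s for s in big if not any(s < other for other in big)]

# Constructed sample: feature sets of packets the signature stage did not match.
PACKETS = [
    {"proto=TCP", "flags=SYN", "dport=80", "len=40"},
    {"proto=TCP", "flags=SYN", "dport=80", "len=40"},
    {"proto=TCP", "flags=SYN", "dport=80", "len=44"},
    {"proto=TCP", "flags=SYN", "dport=80", "len=40"},
    {"proto=UDP", "dport=53", "len=72"},
    {"proto=TCP", "flags=ACK", "dport=443", "len=1500"},
    {"proto=TCP", "flags=SYN", "dport=80", "len=40"},
    {"proto=TCP", "flags=ACK", "dport=22", "len=120"},
]

if __name__ == "__main__":
    freq = apriori(PACKETS, min_support=0.5)
    for sig in candidate_signatures(freq):
        print(sorted(sig), freq[sig])
```

Raising the minimum support makes the stage more conservative: at 0.9 no itemset in this sample qualifies and nothing is proposed.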
4.2 A Profile based Network Intrusion Detection and Prevention system for securing Cloud Environment[3]
Sanchika Gupta et al. identified vulnerabilities responsible for well-known network-based attacks on
the cloud and performed a critical analysis of the security measures available in cloud environments. This paper
implemented protection against attacks from insiders and outsiders using network profiling. A profile is created for each virtual
machine in the cloud that describes the network behavior of each cloud user. The aggregate network traffic at a particular
point is filtered based on the VMs' IP addresses. Intrusion detection is performed on the packets originating from a
specific machine based on its profile. The VM profile describes the attacks that are possible on it. After profile creation,
the data received from that virtual machine is searched for attacks whose signatures are present in the VM profile
database and matched against the attack signature database, and if a match occurs it sends information to the detection and
notification component.
This process has yet to be implemented completely. It is in progress.
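
The per-VM profile lookup described above, as an added example (not code from the surveyed paper). The signatures, profiles, traffic records and the fallback for a VM without a profile are all constructed assumptions; the point is the trade-off between fewer signature checks and the blind spot a narrow profile creates.

```python
from collections import defaultdict

# Constructed signature database: name -> predicate over one traffic record.
SIGNATURES = {
    "syn-flood":  lambda p: p["proto"] == "TCP" and p["flags"] == "S" and p["pps"] > 1000,
    "udp-flood":  lambda p: p["proto"] == "UDP" and p["pps"] > 2000,
    "icmp-flood": lambda p: p["proto"] == "ICMP" and p["pps"] > 500,
}
# Constructed per-VM profiles: the attacks considered possible for each VM.
PROFILES = {
    "10.0.0.11": ["syn-flood", "icmp-flood"],
    "10.0.0.12": ["udp-flood"],
}

def inspect(packets, profiles, signatures):
    """Split traffic by VM IP, then test each record only against the
    signatures listed in that VM's profile. Returns (alerts, checks_done)."""
    by_vm = defaultdict(list)
    for p in packets:
        by_vm[p["src"]].append(p)
    alerts, checks = [], 0
    for vm, records in by_vm.items():
        # Assumption: a VM without a profile is checked against everything.
        names = profiles.get(vm, list(signatures))
        for p in records:
            for name in names:
                checks += 1
                if signatures[name](p):
                    alerts.append((vm, name))
    return alerts, checks

# Constructed traffic summaries (pps = packets per second observed).
TRAFFIC = [
    {"src": "10.0.0.11", "proto": "TCP", "flags": "S", "pps": 4500},
    {"src": "10.0.0.11", "proto": "TCP", "flags": "A", "pps": 300},
    {"src": "10.0.0.12", "proto": "UDP", "flags": "", "pps": 150},
    {"src": "10.0.0.12", "proto": "TCP", "flags": "S", "pps": 3000},  # outside profile
    {"src": "10.0.0.13", "proto": "ICMP", "flags": "", "pps": 900},   # no profile
]

if __name__ == "__main__":
    print("profile-based:", inspect(TRAFFIC, PROFILES, SIGNATURES))
    print("full matching:", inspect(TRAFFIC, {}, SIGNATURES))
```

With profiles the sample needs 9 signature checks instead of 15, but the SYN-heavy traffic from 10.0.0.12 goes unreported because that VM's profile lists only UDP floods.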
4.3 Securing Cloud Network Environment against Intrusion using Sequential algorithm. [5]
Mr R. Kumar proposed a multi-stage distributed vulnerability detection, measurement, and countermeasure selection
mechanism which is based on attack-graph-based analytical models. He proposed a group testing approach
deployed on back-end servers. Attackers are assumed to launch application service requests at a high rate,
with a high workload, or both. By periodically monitoring the average response time to service requests and comparing
it with the specific threshold values fetched from a legitimate profile, each virtual server is associated with a
negative or positive outcome, thereby identifying attackers from a pool of legitimate users. A sequential algorithm has
been proposed to block the attackers. It searches sequentially and blocks the attacker node in the transmission path.
A theoretical analysis has been done; it has yet to be implemented for DDOS attacks.
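
The response-time test and group-testing step described above, as an added example (not code from the surveyed paper). How clients are regrouped across rounds, the threshold value, and all names and measurements are assumptions constructed for illustration.

```python
from statistics import mean

def server_outcome(response_times_ms, threshold_ms):
    """True (positive) when the average response time exceeds the threshold
    taken from the legitimate profile; None when there are no samples."""
    if not response_times_ms:
        return None
    return mean(response_times_ms) > threshold_ms

def decode_group_tests(rounds, threshold_ms):
    """rounds: list of {virtual_server: (clients, response_times_ms)}.
    Clients seen on any negative server are cleared; clients that only ever
    shared positive servers stay suspects. Returns (suspects, outcomes)."""
    seen, cleared, outcomes = set(), set(), []
    for assignment in rounds:
        result = {}
        for server, (clients, times) in assignment.items():
            seen.update(clients)
            result[server] = server_outcome(times, threshold_ms)
            if result[server] is False:
                cleared.update(clients)
        outcomes.append(result)
    return sorted(seen - cleared), outcomes

THRESHOLD_MS = 120  # constructed value standing in for the legitimate profile
ROUNDS = [          # constructed measurements; c3 is the client sending abusive load
    {"vs1": (["c1", "c2", "c3"], [480, 510, 450]),
     "vs2": (["c4", "c5", "c6"], [95, 110, 102])},
    {"vs1": (["c1", "c2", "c4"], [90, 105, 99]),
     "vs2": (["c3", "c5", "c6"], [430, 520, 470])},
    {"vs1": (["c3"], [])},  # no samples collected: neither clears nor accuses
]

if __name__ == "__main__":
    suspects, outcomes = decode_group_tests(ROUNDS, THRESHOLD_MS)
    print("outcomes per round:", outcomes)
    print("suspects:", suspects)
```

After the first round alone, c1 and c2 are still suspects because they shared a slow server with c3; regrouping in the second round is what clears them.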
4.4 Attack Graph model : A New approach for DDOS attack detection in Cloud[6]
R.Jeena et.al. focused on providing security to virtual machines in the cloud system. Enhanced intrusion detection is
proposed to provide security to cloud nodes by detecting DDOS attack. IDS is placed in the network switch to monitor
all activities of nodes in cloud system. An attack graph is generated to find all possible attack paths. The details about
the cloud system are stored in the service registry.
4.5 A Cooperative Intrusion Detection Model for Cloud Computing Networks.[7]
Shaohua Teng et al. proposed a collaborative intrusion detection architecture, and the E-CARGO model is used to model
this system. The collaborative intrusion detection model consists of five components, namely event generators, feature
detector, statistical detector, fusion center, and response unit.

The event generators collect data from the networks and generate suspicious intrusion events. They submit the
suspicious intrusion events to the feature and statistical detection agents. According to the network protocol, these
suspicious intrusion events are divided into TCP events, UDP events and ICMP events.

5. CONCLUSION
Cloud computing is a state-of-the-art technology, but at the same time it is prone to vulnerabilities. Many
authors have identified defenses and tried to implement them in practice; this work is in progress and has yet to be fully implemented and
deployed at low cost. Some of the methods which have been implemented are discussed in this paper.

References
[1] Farzad Sabahi, "Cloud Computing Security Threats and Responses", 978-1-61284-486-2/11/$26.00, 2011 IEEE.
[2] SANS Institute InfoSec Reading Room.
[3] Sanchika Gupta et al., "A Profile based Network Intrusion Detection and Prevention system for securing Cloud
Environment", Copyright 2013. This is an open access article distributed under the Creative Commons
Attribution License.
[4] Chirag N. Modi, "Integrating Signature based Apriori based Network Intrusion in Cloud Computing", 2nd
International Conference on Communication, Computing & Security (ICCCS-2012), Procedia Technology 6 (2012)
905-912.
[5] Mr R. Kumar, "Securing Cloud Network Environment against Intrusion using Sequential algorithm", International
Journal of Engineering and General Science, Volume 3, Issue 1, January-February 2015.
[6] R. Jeena et al., "Attack Graph model: A New approach for DDOS attack detection in Cloud", International Journal
of Innovative Research in Computer and Communication Engineering, Vol. 3, Issue 2, February 2015.
[7] Shaohua Teng et al., "A Cooperative Intrusion Detection Model for Cloud Computing Networks", International
Journal of Security and its Applications, Vol. 8, No. 3 (2014), pp. 107-118, http://dx.doi.org/10.14257/ijsia.2014.8.3.12.
[8] www.hindawi.com/journals/ijdsn/2013/364575/tab1

AUTHORS
Ms B. Kiranmai is working as an Assoc. Prof. at KMIT, Narayanguda. She completed her M.Tech from the
School of IT, JNTUH. She is currently pursuing her Ph.D. from JNTU Hyderabad. Her areas of interest are
Data Mining and Security.
Prof. A. Damodaram took over as Vice-Chancellor on 31 October 2015. Dr Damodaram joined as
faculty of Computer Science & Engineering at JNTU, Hyderabad in the year 1989. In 2 decades of
dedicated service, he performed distinguished services for the university as a Professor, Head of the
Department, Vice Principal, Director of UGC-Academic Staff College, Director of School of
Continuing & Distance Education, Director, University Academic Audit Cell, and Director of
Academic Planning. Dr Damodaram has successfully guided 23 Ph.D. and 2 cad
Scholars apart from a myriad of M.Tech projects. He is currently guiding 6 scholars for Ph.D.
