Biblio

Filters: Keyword is DDoS Attack
2017-12-28
Manoja, I., Sk, N. S., Rani, D. R..  2017.  Prevention of DDoS attacks in cloud environment. 2017 International Conference on Big Data Analytics and Computational Intelligence (ICBDAC). :235–239.

Cloud computing emerges as an endowment technological data for the longer term and increasing on one of the standards of utility computing is most likely claimed to symbolize a wholly new paradigm for viewing and getting access to computational assets. As a result of protection problems, many purchasers hesitate in relocating their touchy data on the clouds, regardless of gigantic curiosity in cloud-based computing. Security is a tremendous hassle, considering the fact that so many firms present an alluring goal for intruders and the particular considerations will pursue to lower the advancement of distributed computing if not located. Hence, this recent scan and perception is suitable to honeypot. Distributed Denial of Service (DDoS) is an assault that threatens the availability of the cloud services. It's fundamental to investigate the most important features of DDoS Defence procedures. This paper provides exact techniques that have been carried out to the DDoS attack. These approaches are outlined in this paper and use of applied sciences for special kind of malfunctioning within the cloud.

2017-05-17
Ke, Yu-Ming, Chen, Chih-Wei, Hsiao, Hsu-Chun, Perrig, Adrian, Sekar, Vyas.  2016.  CICADAS: Congesting the Internet with Coordinated and Decentralized Pulsating Attacks. Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. :699–710.

This study stems from the premise that we need to break away from the "reactive" cycle of developing defenses against new DDoS attacks (e.g., amplification) by proactively investigating the potential for new types of DDoS attacks. Our specific focus is on pulsating attacks, a particularly debilitating type that has been hypothesized in the literature. In a pulsating attack, bots coordinate to generate intermittent pulses at target links to significantly reduce the throughput of TCP connections traversing the target. With pulsating attacks, attackers can cause significantly greater damage to legitimate users than traditional link flooding attacks. To date, however, pulsating attacks have been either deemed ineffective or easily defendable for two reasons: (1) they require a central coordinator and can thus be tracked; and (2) they require tight synchronization of pulses, which is difficult even in normal non-congestion scenarios. This paper argues that, in fact, the perceived drawbacks of pulsating attacks are in fact not fundamental. We develop a practical pulsating attack called CICADAS using two key ideas: using both (1) congestion as an implicit signal for decentralized implementation, and (2) a Kalman-filter-based approach to achieve tight synchronization. We validate CICADAS using simulations and wide-area experiments. We also discuss possible countermeasures against this attack.

2017-03-07
Zeb, K., Baig, O., Asif, M. K..  2015.  DDoS attacks and countermeasures in cyberspace. 2015 2nd World Symposium on Web Applications and Networking (WSWAN). :1–6.

In cyberspace, availability of the resources is the key component of cyber security along with confidentiality and integrity. Distributed Denial of Service (DDoS) attack has become one of the major threats to the availability of resources in computer networks. It is a challenging problem in the Internet. In this paper, we present a detailed study of DDoS attacks on the Internet, specifically the attacks due to protocol vulnerabilities in the TCP/IP model, their countermeasures and various DDoS attack mechanisms. We thoroughly review DDoS attack defenses and analyze the strengths and weaknesses of different proposed mechanisms.

2017-02-14
J. J. Li, P. Abbate, B. Vega.  2015.  "Detecting Security Threats Using Mobile Devices". 2015 IEEE International Conference on Software Quality, Reliability and Security - Companion. :40-45.

In our previous work [1], we presented a study of using performance escalation to automatically detect Distributed Denial of Service (DDoS) types of attacks. We propose to enhance the work of security threat detection by using mobile phones as the detector to identify outliers of normal traffic patterns as threats. The mobile solution makes detection portable to any services. This paper also shows that the same detection method works for advanced persistent threats.

2015-04-30
Katkar, V.D., Bhatia, D.S..  2014.  Lightweight approach for detection of denial of service attacks using numeric to binary preprocessing. Circuits, Systems, Communication and Information Technology Applications (CSCITA), 2014 International Conference on. :207-212.


Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks exhaust the resources of a server/service and make it unavailable for legitimate users. With increasing use of online services and attacks on these services, the importance of Intrusion Detection System (IDS) for detection of DoS/DDoS attacks has also grown. Detection accuracy & CPU utilization of Data mining based IDS is directly proportional to the quality of training dataset used to train it. Various preprocessing methods like normalization, discretization, fuzzification are used by researchers to improve the quality of training dataset. This paper evaluates the effect of various data preprocessing methods on the detection accuracy of DoS/DDoS attack detection IDS and proves that numeric to binary preprocessing method performs better compared to other methods. Experimental results obtained using KDD 99 dataset are provided to support the efficiency of proposed combination.
 

Anwar, Z., Malik, A.W..  2014.  Can a DDoS Attack Meltdown My Data Center? A Simulation Study and Defense Strategies. Communications Letters, IEEE. 18:1175-1178.

The goal of this letter is to explore the extent to which the vulnerabilities plaguing the Internet, particularly susceptibility to distributed denial-of-service (DDoS) attacks, impact the Cloud. DDoS has been known to disrupt Cloud services, but could it do worse by permanently damaging server and switch hardware? Services are hosted in data centers with thousands of servers generating large amounts of heat. Heating, ventilation, and air-conditioning (HVAC) systems prevent server downtime due to overheating. These are remotely managed using network management protocols that are susceptible to network attacks. Recently, Cloud providers have experienced outages due to HVAC malfunctions. Our contributions include a network simulation to study the feasibility of such an attack motivated by our experiences of such a security incident in a real data center. It demonstrates how a network simulator can study the interplay of the communication and thermal properties of a network and help prevent the Cloud provider's worst nightmare: meltdown of the data center as a result of a DDoS attack.

Foroushani, V.A., Zincir-Heywood, A.N..  2014.  TDFA: Traceback-Based Defense against DDoS Flooding Attacks. Advanced Information Networking and Applications (AINA), 2014 IEEE 28th International Conference on. :597-604.

Distributed Denial of Service (DDoS) attacks are one of the challenging network security problems to address. The existing defense mechanisms against DDoS attacks usually filter the attack traffic at the victim side. The problem is exacerbated when there are spoofed IP addresses in the attack packets. In this case, even if the attacking traffic can be filtered by the victim, the attacker may reach the goal of blocking the access to the victim by consuming the computing resources or by consuming a big portion of the bandwidth to the victim. This paper proposes a Trace back-based Defense against DDoS Flooding Attacks (TDFA) approach to counter this problem. TDFA consists of three main components: Detection, Trace back, and Traffic Control. In this approach, the goal is to place the packet filtering as close to the attack source as possible. In doing so, the traffic control component at the victim side aims to set up a limit on the packet forwarding rate to the victim. This mechanism effectively reduces the rate of forwarding the attack packets and therefore improves the throughput of the legitimate traffic. Our results based on real world data sets show that TDFA is effective to reduce the attack traffic and to defend the quality of service for the legitimate traffic.

Alqahtani, Saeed M., Balushi, Maqbool Al, John, Robert.  2014.  An Intelligent Intrusion Detection System for Cloud Computing (SIDSCC). Proceedings of the 2014 International Conference on Computational Science and Computational Intelligence - Volume 02. :135–141.

Cloud computing is a distributed architecture that has shared resources, software, and information. There exists a great number of implementations and research for Intrusion Detection Systems (IDS) in grid and cloud environments, however they are limited in addressing the requirements for an ideal intrusion detection system. Security issues in Cloud Computing (CC) have become a major concern to its users, availability being one of the key security issues. Distributed Denial of Service (DDoS) is one of these security issues that poses a great threat to the availability of the cloud services. The aim of this research is to evaluate the performance of IDS in CC when the DDoS attack is detected in a private cloud, named SaaSCloud. A model has been implemented on three virtual machines, SaaSCloud Model, DDoS attack Model, and IDSServer Model. Through this implementation, Service Intrusion Detection System in Cloud Computing (SIDSCC) will be proposed, investigated and evaluated.