Enhanced-Adaptive Pattern Attack Recognition Technique (E-APART) Against EDoS Attacks in Cloud Computing

Enhanced-Adaptive Pattern Attack Recognition Technique (E-APART) Against EDoS Attacks in Cloud Computing

Rohit Thaper (Panjab University, Chandigarh, India) and Amandeep Verma (Department of Information Technology, Panjab University, Chandigarh, India)
Copyright: © 2015 |Pages: 15
DOI: 10.4018/JCIT.2015070105

Abstract

Cloud Computing is most widely used in current technology. It provides a higher availability of resources to greater number of end users. In the cloud era, security has develop a reformed source of worries. Distributed Denial of Service (DDoS) and Economical Denial of Sustainability (EDoS) are attacks that can affect the ‘pay-per-use' model. This model automatically scales the resources according to the demand of consumers. The functionality of this model is to mitigate the EDoS attack by some tactical attacker/s, group of attackers or zombie machine network (BOTNET) to minimize the availability of the target resources, which directly or indirectly reduces the profits and increase the cost for the cloud operators. This paper presents a model called Enhanced-APART which is step further of the authors' previous model (APART) that can be used to mitigate the EDoS attack from the cloud platform and shows the nature of the attack. Enhanced-APART model offers pre-shared security mechanism to ensure the access of legitimate users on the cloud services. It also performs pattern analysis in order to detect the EDoS caused by BOTNET mechanism and includes time-based and key-sharing post-setup authentication scheme to prevent the replication or replay attacks and thus results in mitigation of EDoS attack.
Article Preview

1. Introduction

These days society’s reliance on information technology has increased by large extent and cloud computing is an environment which fulfill this huge demand of resources in a cost efficient way. In Cloud Computing resources are provided as services to the users on pay-per-use model (www.arbornetworks.com) (Bhandari, 2013).

When DDoS attack is implemented in Cloud Computing environment it leads to another attack known as Economical-Denial-Of-Sustainability (EDoS). This attack exploits the dynamic scalability property of cloud (Metz, 2009). In EDoS, attacker uses the provisioned resources of the user and dynamically scale it by using the resources for invalid request generated by zombie machines. This results in raising the cost for the user and decrementing the profit and trust of the service provider thus affecting the sustainability of CSP as shown in Figure 1.

Figure 1.

Effect of an EDoS Attack against the cloud

In EDoS the users are charged for resources which they don’t even use (Robinson, 2005). The firms chosen for cloud will experience an overstated bills for using auto scaling feature to address an overflow of malicious traffic in order to meet the necessity to clear SLA.

A service level agreement (SLA) is an article which describes the connection among two parties: the provider and the receiver (Kandukuri, Reddy, Ramakrishna & Rakshit, 2009).

This is undoubtedly a very significant element of certification for both parties. If used correctly it must:

  • Classify and describe the customer’s requirements.

  • Deliver a framework for understanding.

  • Shorten composite matters.

  • Decrease parts of struggle.

  • Inspire discussion in the event of arguments.

  • Remove impractical prospects.

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 21: 4 Issues (2019): Forthcoming, Available for Pre-Order
Volume 20: 4 Issues (2018): 2 Released, 2 Forthcoming
Volume 19: 4 Issues (2017)
Volume 18: 4 Issues (2016)
Volume 17: 4 Issues (2015)
Volume 16: 4 Issues (2014)
Volume 15: 4 Issues (2013)
Volume 14: 4 Issues (2012)
Volume 13: 4 Issues (2011)
Volume 12: 4 Issues (2010)
Volume 11: 4 Issues (2009)
Volume 10: 4 Issues (2008)
Volume 9: 4 Issues (2007)
Volume 8: 4 Issues (2006)
Volume 7: 4 Issues (2005)
Volume 6: 1 Issue (2004)
Volume 5: 1 Issue (2003)
Volume 4: 1 Issue (2002)
Volume 3: 1 Issue (2001)
Volume 2: 1 Issue (2000)
Volume 1: 1 Issue (1999)
View Complete Journal Contents Listing