Detection of Economic Denial of Sustainability Using Time Spent on a Web Page in Cloud

Koduru, Anusha; Neelakantam, TulasiRam; Bhanu, S. Mary Saira

doi:10.1109/ccem.2013.6684433

Cited by 21 publications

(12 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A good client will follow a pattern that reflects normal activity on the web, while a bad client will show some abnormal activities. Similarly, Anusha et al [8] study the behavior of normal users of Web applications. They assume that an attacker spends a very short time (almost zero) over a Web page.…”

Section: Related Workmentioning

confidence: 99%

“…In this paper, we shed light on the problem of detecting cloud-based DoS attacks under a changing environment. Although several advanced approaches have been proposed to detect DoS attacks in virtualized cloud (e.g., [6][7][8][9]), these approaches still causes a significant decrease in the detection accuracy when used in a cloud environment. The reason is that the current approaches do not consider the changing environment, that characterises the cloud as a result of its inherent characteristics (resources restriction and scaling).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment

2018

View full text Add to dashboard Cite

Cloud Computing enables providers to rent out space on their virtual and physical infrastructures. Denial of Service (DoS) attacks threaten the ability of the cloud to respond to clients requests, which results in considerable economic losses. The existing detection approaches are still not mature enough to satisfy a cloud-based detection systems requirements since they overlook the changing/dynamic environment, that characterises the cloud as a result of its inherent characteristics. Indeed, the patterns extracted and used by the existing detection models to identify attacks, are limited to the current VMs infrastructure but do not necessarily hold after performing new adjustments according to the pay-as-you-go business model. Therefore, the accuracy of detection will be negatively affected. Motivated by this fact, we present a new approach for detecting DoS attacks in a virtualized cloud under changing environment. The proposed model enables monitoring and quantifying the effect of resources adjustments on the collected data. This helps filter out the effect of adjustments from the collected data and thus enhance the detection accuracy in dynamic environments. Our solution correlates as well VMs application metrics with the actual resources load, which enables the hypervisor to distinguish between benignant high load and DoS attacks. It helps also the hypervisor identify the compromised VMs that try to needlessly consume more resources. Experimental results show that our model is able to enhance the detection accuracy under changing environments.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment

2018

View full text Add to dashboard Cite

show abstract

“…Outliers are identified, which deviate from these profiles. Authors in [61] argued that an attacker would not spend any time on a page but would request them like a flood. They have gathered TSP behavior of users as well as of bots and identified that the attackers TSP is mostly negligible or even if it is not near zero, it is constant or periodic.…”

Section: Anomaly Detection (D1)mentioning

confidence: 99%

DDoS attacks in cloud computing: Issues, taxonomy, and future directions

Somani

Gaur

Sanghi

et al. 2017

Computer Communications

244

102

View full text Add to dashboard Cite

Security issues related to the cloud computing are relevant to various stakeholders for an informed cloud adoption decision. Apart from data breaches, the cyber security research community is revisiting the attack space for cloud-specific solutions as these issues affect budget, resource management, and service quality. Distributed Denial of Service (DDoS) attack is one such serious attack in the cloud space. In this paper, we present developments related to DDoS attack mitigation solutions in the cloud. In particular, we present a comprehensive survey with a detailed insight into the characterization, prevention, detection, and mitigation mechanisms of these attacks. Additionally, we present a comprehensive solution taxonomy to classify DDoS attack solutions. We also provide a comprehensive discussion on important metrics to evaluate various solutions. This survey concludes that there is a strong requirement of solutions, which are designed keeping utility computing models in mind. Accurate auto-scaling decisions, multi-layer mitigation, and defense using profound resources in the cloud, are some of the key requirements of the desired solutions. In the end, we provide a definite guideline on effective solution building and detailed solution requirements to help the cyber security research community in designing defense mechanisms. To the best of our knowledge, this work is a novel attempt to identify the need of DDoS mitigation solutions involving multi-level information flow and effective resource management during the attack.

show abstract

“…The system switches to suspected mode and called scrubber Service which generate a puzzle to check legitimacy of the client. In [18], the authors proposed WebSOS to protect web servers by using a filtering mechanism that admits HTTP traffic from only trusted sources known to overlay nodes, to tell Computers and Humans Apart Legitimate clients have to first pass the Completely Automated Public Turing test (CAPTCHA) [19]. The proposed WebSOS presents the performance degradation due to non direct routing, and also CAPTCHA is being challenged today by bots with the appearance of many algorithms that cracks CAPTCHAs such as Google Maps street address, which reading the algorithm with 99.8 percent accuracy.…”

Section: Related Workmentioning

confidence: 99%

Mitigating Economic Denial of Sustainability Attacks to Secure Cloud Computing Environments

Zekri

Kafhali

Hanini

et al. 2017

TMLAI

View full text Add to dashboard Cite

In cloud computing environment where the infrastructure is shared by millions of users, attackers have the opportunity to ensure more damage to the compromised resources. The main aim of such attacks is to saturate and overload the system network through a massive data packets size flooding toward a victim server and to block the service to customers. The Distributed Denialofservice (DDoS) attack is considered one of the largest threats to the Quality of Service (QoS) of cloud services which is used to deny access for legitimate users of an online service. However, Economic Denial of Sustainability (EDoS) attack is a special breed of DDoS attack that attack exploits auto scaling feature of cloud. The Cloud Service Provider (CSP) scales the architecture automatically to serve those requests for which cloud consumer is charged. A consumer expects a sustainable profit after hosting his application on cloud. The attacker purpose is to guarantee the service unavailability and maximize the financial loss costs by increasing the cost and decreasing the profit. Hence, in this paper we propose a novel mitigation system against the EDoS attacks. Our system consists of source Checking, Counting, and Turing Test. The obtained simulation results show that our system works efficiently to mitigate the EDoS attack in cloud environment.

show abstract

Detection of Economic Denial of Sustainability Using Time Spent on a Web Page in Cloud

Cited by 21 publications

References 6 publications

An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment

An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment

DDoS attacks in cloud computing: Issues, taxonomy, and future directions

Mitigating Economic Denial of Sustainability Attacks to Secure Cloud Computing Environments

Contact Info

Product

Resources

About