
2017 | OriginalPaper | Chapter

Proactive Approach for the Prevention of DDoS Attacks in Cloud Computing Environments

Authors: Badr Alshehry, William Allen

Published in: Applied Computing and Information Technology

Publisher: Springer International Publishing


Abstract

Contemporary security systems attempt to provide protection against distributed denial-of-service (DDoS) attacks; however, they mostly use a variety of computing and hardware resources for load distribution and request delays. As a result, ordinary users and website visitors experience timeouts, captchas, and low-speed connections. In this paper, we propose a highly inventive multilayer system for protection against DDoS in the cloud that utilizes Threat Intelligence techniques and a proactive approach to detect traffic behavior anomalies. The first layer of the model analyzes the source IP address in the header of incoming traffic packets and the second layer analyzes the speed of requests and calculates the threshold of the attack speed. If an attack remains undetected, the incoming traffic packets are analyzed against the behavior patterns in the third layer. The fourth layer reduces the traffic load by dispatching the traffic to the proxy, if required, and the fifth layer establishes the need for port hopping between the proxy and the target website if the attack targets a specific web-application. A series of experiments were performed and the results demonstrate that this multilayer approach can detect and mitigate DDoS attacks from a variety of known and unknown sources.
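The first two layers described in the abstract, sketched in Python as an added example that is not code from the chapter. The abstract does not give the threshold calculation, so the mean-plus-three-standard-deviations rule, the one-second window, the blocklist entries, the traffic and the decision labels are all assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict, deque
from statistics import mean, pstdev

# Constructed threat-intelligence entries (documentation address ranges).
BLOCKLIST = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.7/32")]
# Constructed baseline: requests per source per one-second window in normal traffic.
BASELINE = [2, 3, 2, 4, 3, 2, 3, 3]

def rate_threshold(baseline, k=3.0):
    """Assumed layer-2 rule: mean + k standard deviations of the baseline."""
    return mean(baseline) + k * pstdev(baseline)

class LayeredFilter:
    def __init__(self, threshold, window=1.0):
        self.threshold = threshold
        self.window = window
        self.recent = defaultdict(deque)  # source IP -> timestamps still in window

    def classify(self, ts, src):
        # Layer 1: source address checked against threat intelligence.
        addr = ipaddress.ip_address(src)
        if any(addr in net for net in BLOCKLIST):
            return "drop:layer1"
        # Layer 2: request speed of this source over a sliding window.
        q = self.recent[src]
        q.append(ts)
        while ts - q[0] >= self.window:
            q.popleft()
        if len(q) > self.threshold:
            return "divert:layer2"  # candidate for the proxy of layer 4
        return "pass:layer3"        # not flagged; behaviour analysis comes next

def run(events, baseline=BASELINE):
    flt = LayeredFilter(rate_threshold(baseline))
    return [(src, flt.classify(ts, src)) for ts, src in events]

# Constructed traffic: one normal client, one listed source, one burst.
EVENTS = sorted(
    [(0.00, "192.0.2.10"), (0.05, "203.0.113.5"), (0.50, "192.0.2.10")]
    + [(0.10 + 0.05 * i, "192.0.2.66") for i in range(6)]
    + [(1.60, "192.0.2.66")]
)

if __name__ == "__main__":
    for src, decision in run(EVENTS):
        print(f"{src:15} {decision}")
```

The burst source is diverted only from its fifth request inside the window and passes again once the window has drained, which is the behaviour that keeps ordinary visitors from being delayed.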


Metadata
Title
Proactive Approach for the Prevention of DDoS Attacks in Cloud Computing Environments
Authors
Badr Alshehry
William Allen
Copyright Year
2017
DOI
https://doi.org/10.1007/978-3-319-51472-7_9
