Defense schemes for variants of distributed denial-of-service (DDoS) attacks in cloud computing: A survey

被引:12
作者
Agrawal N. [1 ]
Tapaswi S. [1 ]
机构
[1] Atal Bihari Vajpayee—Indian Institute of Information Technology and Management, Gwalior, Madhya Pradesh
来源
Information Security Journal | 2017年 / 26卷 / 02期
关键词
Availability; cloudcomputing security; distributed denial-of-service attack; economicdenial-of-sustainability attack; low-rate traffic;
D O I
10.1080/19393555.2017.1282995
中图分类号
学科分类号
摘要
Cloud computing is a fast-growing and promising technology segment that aims to reduce maintenance and management costs by shifting high-quality computing infrastructure to the Internet. It is emerging as a dominant technology because it provides an on-demand, self-service, scalable, and pay-per-use business model. Despite its numerous benefits, it suffers from several security challenges. As a consequence of on-demand service, availability of computing resources is the crucial attribute of cloud computing among security necessities. In this work, a survey is presented on various issues related to the availability of resources in a cloud environment. Ensuring availability and security of computing/storage resources are still challenging tasks. The adversary class readily exploits the vulnerabilities in the cloud infrastructure for attack implementation. The article presents a study of various categories of distributed denial-of-service (DDoS) attacks in cloud computing and their defense mechanisms. It is believed that this is the first work which surveys all varieties of DDoS attacks in the cloud environment. © 2017 Taylor & Francis.
引用
收藏
页码:61 / 73
页数:12
相关论文
共 37 条
[1]  
Alosaimi W., Alshamrani M., Begain K.A., Simulation-based study of distributed denial of service attacks prevention in the cloud, (2015)
[2]  
Baig Z.A., Sait S.M., Binbeshr F., Controlled access to cloud resources for mitigating Economic Denial of Sustainability (EDoS) attacks, Journal of Computer Networks, Elsevier, 97, pp. 31-47, (2016)
[3]  
Bakshi A., Dudojwala Y.B., Securing cloud from DDoS attacks using intrusion detection system in virtual machine, (2010)
[4]  
Chen H., Gaska T., Chen Y., Summerville D.H., An optimized reconfigurable power spectral density converter for real-time shrew DDoS attacks detection, Journal of Computers & Electrical Engineering, Elsevier, 39, 2, pp. 295-308, (2013)
[5]  
Chen Y., Hwang K., Collaborative detection and filtering of shrew DDoS attacks using spectral analysis, Journal of Parallel and Distributed Computing, Elsevier, 66, 9, pp. 1137-1151, (2006)
[6]  
Chen Z., Xu G., Mahalingam V., Ge L., Nguyen J., Yu W., Lu C., A cloud computing based network monitoring and threat detection system for critical infrastructures, Journal of Big Data Research, Elsevier, 3, pp. 10-23, (2016)
[7]  
Choi J., Choi C., Ko B., Kim P., A method of DDoS attack detection using HTTP packet pattern and rule engine in cloud computing environment, Journal of Soft Computing, Springer, 18, 9, pp. 1697-1703, (2014)
[8]  
Deshmukh R.V., Devadkar K.K., Understanding DDoS attack & its effect in cloud environment, (2015)
[9]  
Dou W., Chen Q., Chen J., A confidence-based filtering method for DDoS attack defense in cloud environment, Journal of Future Generation Computer System, Elsevier, 29, 7, pp. 1838-1850, (2013)
[10]  
Fernandez G.M., Gomez R.A.R., Verdejo J.E.D., Defense techniques for low-rate DoS attacks against application servers, Journal of Computer Networks, Elsevier, 54, 15, pp. 2711-2727, (2010)
1234