Home   >   CSC-OpenAccess Library   >    Manuscript Information
New Framework to Detect and Prevent Denial of Service Attack in Cloud Computing Environment
Mohd Nazri Ismail, Abdulaziz Aborujilah, Shahrulniza Musa, AAmir Shahzad
Pages - 226 - 237     |    Revised - 15-07-2012     |    Published - 10-08-2012
Volume - 6   Issue - 4    |    Publication Date - August 2012  Table of Contents
Flooding Based Denial-of-service (DDoS) Attack, Honeypot, Covariance Matrix
Cloud computing paradigm as one of new concept in world of computing in general and especially in computer network, give a new facilities such as IaaS (infrastructure as service), PaaS (platform as stricter) and SaaS (software as service). All this services offered by utilization of new and old techniques such as resources sharing distributed networking, virtualization. But it still suffering from some shortages and one of the most important one is security threats. and one of the most dangers is Distributed denial-of-service (DDoS), and for overcome this threat many techniques has been proposed and most of them give more attention to one aspect either detecting or preventing or tracing the sources of attack and a few which address the attack in all its aspect. here we propose new framework to counter this attack by detect the attack using covariance matrix statistical method and determine the sources of attack using TTl Distance average and Finlay we apply a technique to eliminate attack by get benefit from the Honeypot method to block all attacks sources and transfer the legitimate traffic to another virtual machine not affected by attack.
CITED BY (8)  
1 Nagarajan, P., & Perumal, G. (2015). Detection of Denial of Service Attack in Cloud using Fuzzy Time Series Analysis and EM Algorithm. International Journal of Advancements in Computing Technology, 7(5), 25.
2 Ali Tandra, S., & Rizvi, S. M. (2014). Security for Cloud Based Services.
3 Banafar, H., & Sharma, S. Secure Cloud Environment Using Hidden Markov Model and Rule Based Generation.
4 Latif, R., Abbas, H., & Assar, S. (2014). Distributed denial of service (DDoS) attack in cloud-assisted wireless body area networks: a systematic literature review. Journal of medical systems, 38(11), 1-10.
5 Kumar Shridhar, N. G. (2014). A Prevention of DDos Attacks in Cloud Using Honeypot. International Journal of Science and Research, 3(11), 2378-2383.
6 Aishwarya, R., & Malliga, S. (2014, April). Intrusion detection system-An efficient way to thwart against Dos/DDos attack in the cloud environment. In Recent Trends in Information Technology (ICRTIT), 2014 International Conference on (pp. 1-6). IEEE.
7 Ismail, M. N., Aborujilah, A., Musa, S., & Shahzad, A. (2013, January). Detecting flooding based DoS attack in cloud computing environment using covariance matrix approach. In Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication (p. 36). ACM.
8 Chawla, I., Kaur, D., & Luthra, P. DDoS Attacks in Cloud and Mitigation Techniques.
1 Google Scholar 
2 CiteSeerX 
3 refSeek 
4 TechRepublic 
5 Scribd 
6 SlideShare 
7 PdfSR 
Armbrust, M., et al., A view of cloud computing. Communications of the ACM, 2010. 53(4): p. 50-58.
Bhardwaj, S., L. Jain, and S. Jain, Cloud computing: A study of infrastructure as a service (IAAS). International Journal of engineering and information Technology, 2010. 2(1): p. 60-63.
Buyya, R., High performance cluster computing: programming and applications, vol. 2. Pre ticeHallPTR, NJ, 1999.
Chang, R.K.C., Defending against flooding-based distributed denial-of-service attacks: A tutorial. Communications Magazine, IEEE, 2002. 40(10): p. 42-51.
Chao-yang, Z. DOS Attack Analysis and Study of New Measures to Prevent. 2011: IEEE.
Choi, Y.S., et al. Integrated DDoS attack defense infrastructure for effective attack prevention. 2010: IEEE.
Foster, I. and C. Kesselman, The grid: blueprint for a new computing infrastructure. 2004: Morgan Kaufmann.
Foster, I., et al. Cloud computing and grid computing 360-degree compared. 2008: Ieee.
Guilbault, N. and R. Guha. Experiment setup for temporal distributed intrusion detection system on amazon's elastic compute cloud. 2009: IEEE.
Gupta, B., R. Joshi, and M. Misra, Prediction of Number of Zombies in a DDoS Attack using Polynomial Regression Model. Journal of Advances in Information Technology, 2011. 2(1): p. 57-62.
Habib, A., M. Hefeeda, and B. Bhargava. Detecting service violations and DoS attacks. 2003.
Hao, S., et al. A queue model to detect DDos attacks. 2005: IEEE.
Hu, Y.H., H. Choi, and H.A. Choi. Packet filtering to defend flooding-based DDoS attacks [Internet denial-of-service attacks]. 2004: IEEE.
Kong, J., et al. Random flow network modeling and simulations for DDoS attack mitigation. 2003: IEEE.
Kulkarni, G., J. Gambhir, and R. Palwe, Cloud Computing-Software as Service. International Journal of Cloud Computing and Services Science (IJ-CLOSER), 2012. 1(1).
Kulkarni, G., P. Khatawkar, and J. Gambhir, Cloud Computing-Platform as Service. International Journal of Engineering. 1.
Lamping, U. and E. Warnicke, Wireshark User's Guide. Interface, 2004. 4: p. 6.
Lee, S., G. Kim, and S. Kim, Sequence-order-independent network profiling for detecting application layer DDoS attacks. EURASIP Journal on Wireless Communications and Networking, 2011. 2011(1): p. 1-9.
Leu, F., Intrusion Detection, Forecast and Traceback Against DDoS Attacks. 2009.
Lo, C.C., C.C. Huang, and J. Ku. A cooperative intrusion detection system framework for cloud computing Networks. 2010: IEEE.
Mell, P. and T. Grance, The NIST definition of cloud computing. National Institute of Standards and Technology, 2009. 53(6): p. 50.
Ngongang, G., Cloud Computing Security. 2011.
Nunez, A., et al. Design of a flexible and scalable hypervisor module for simulating cloud computing environments. 2011: IEEE.
Prabha, S. and R. Anitha, Mitigation of Application Traffic DDOS Attacks with Trust and Am Based Hmm Models. International Journal of Computer Applications IJCA, 2010. 6(9): p. 26-34.
Roesch, M. Snort-lightweight intrusion detection for networks. 1999: Seattle, Washington.
Singh, N., S. Ghrera, and P. Chaudhuri, Denial of Service Attack: Analysis of Network Traffic Anormaly using Queuing Theory. Arxiv preprint arXiv:1006.2807, 2010.
Subashini, S. and V. Kavitha, A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 2011. 34(1): p. 1-11.
Wang, H., C. Jin, and K.G. Shin, Defense against spoofed IP traffic using hop-count filtering. IEEE/ACM Transactions on Networking (TON), 2007. 15(1): p. 40-53.
Wuu, L.C., et al. A practice of the intrusion prevention system. 2007: IEEE.
Xie, Y. and S.Z. Yu, Monitoring the application-layer DDoS attacks for popular websites. Networking, IEEE/ACM Transactions on, 2009. 17(1): p. 15-25.
Yeung, D.S., S. Jin, and X. Wang, Covariance-matrix modeling and detecting various flooding attacks. Systems, Man and Cybernetics, Part A: Systems and Humans, IEEE Transactions on, 2007. 37(2): p. 157-169.
Mr. Mohd Nazri Ismail
- Malaysia
Mr. Abdulaziz Aborujilah
- Malaysia
Mr. Shahrulniza Musa
- Malaysia
Dr. AAmir Shahzad
- Malaysia

View all special issues >>