Security Scheme for Protecting Cloud Computing Services Against Bursty DDoS Attacks
In cloud computing, data and applications are maintained on remote servers and accessed via the Internet. Virtualised resources such as dynamic servers are operated through the Internet, which increases the economic benefits accrued to customers from software. Cloud computing reduces customer concer...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
The International Association for Information, Culture, Human and Industry Technology (AICIT)
2015
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/7335/1/fskkp-2014-mazlina-Security_Scheme_for_Protecting.pdf http://umpir.ump.edu.my/id/eprint/7335/ https://www.researchgate.net/publication/306259719_Security_Scheme_for_Protecting_Cloud_Computing_Services_Against_Bursty_DDoS_Attacks |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.ump.umpir.7335 |
|---|---|
| record_format |
eprints |
| spelling |
my.ump.umpir.73352018-02-01T07:49:02Z http://umpir.ump.edu.my/id/eprint/7335/ Security Scheme for Protecting Cloud Computing Services Against Bursty DDoS Attacks Mazlina, Abdul Majid Naser, Aws Mohamad Fadli, Zolkipli Khan, Nusrat Ullah T Technology (General) QA75 Electronic computers. Computer science In cloud computing, data and applications are maintained on remote servers and accessed via the Internet. Virtualised resources such as dynamic servers are operated through the Internet, which increases the economic benefits accrued to customers from software. Cloud computing reduces customer concerns about software licenses, hardware, and overall system maintenance. Connections between web services are typically enabled using the simple object access protocol (SOAP), and extensible markup language (XML) or hypertext transport protocol (HTTP) is used to construct SOAP messages. Denial of service (DoS) and distributed DoS (DDoS) are two major problems affecting cloud computing services, and it is a challenge to resolve them completely. The identity of the perpetrators of these acts is usually difficult to ascertain especially when the attacks are carried out using spoofed IP addresses. Consequently, differentiating genuine packets from the packets sent by hackers is difficult. The addresses are spoofed with the intention of causing harm to cloud service provider communication channels. Distinguishing legitimate messages from illegitimate messages is an important step towards solving the problem of DDoS attacks. Modulo and CLASSIE methods effectively detect and reduce spoofing attacks using unique rulesets. In this paper, we propose using modulo packet marking and a method called reconstruct and drop (RAD) to differentiate and discard malicious packets. The proposed method improves the detection and filtering of DDoS attacks. Further, the results of comparisons conducted indicate that the proposed method requires fewer bits than Huffman code and its performance is better than that of cloud protector. The International Association for Information, Culture, Human and Industry Technology (AICIT) 2015 Article PeerReviewed application/pdf en http://umpir.ump.edu.my/id/eprint/7335/1/fskkp-2014-mazlina-Security_Scheme_for_Protecting.pdf Mazlina, Abdul Majid and Naser, Aws and Mohamad Fadli, Zolkipli and Khan, Nusrat Ullah (2015) Security Scheme for Protecting Cloud Computing Services Against Bursty DDoS Attacks. International Journal on Advances in Information Sciences and Service Sciences, 7 (1). pp. 39-45. ISSN 2233-9345 https://www.researchgate.net/publication/306259719_Security_Scheme_for_Protecting_Cloud_Computing_Services_Against_Bursty_DDoS_Attacks |
| institution |
Universiti Malaysia Pahang |
| building |
UMP Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Malaysia Pahang |
| content_source |
UMP Institutional Repository |
| url_provider |
http://umpir.ump.edu.my/ |
| language |
English |
| topic |
T Technology (General) QA75 Electronic computers. Computer science |
| spellingShingle |
T Technology (General) QA75 Electronic computers. Computer science Mazlina, Abdul Majid Naser, Aws Mohamad Fadli, Zolkipli Khan, Nusrat Ullah Security Scheme for Protecting Cloud Computing Services Against Bursty DDoS Attacks |
| description |
In cloud computing, data and applications are maintained on remote servers and accessed via the Internet. Virtualised resources such as dynamic servers are operated through the Internet, which increases the economic benefits accrued to customers from software. Cloud computing reduces customer concerns about software licenses, hardware, and overall system maintenance. Connections between web services are typically enabled using the simple object access protocol (SOAP), and extensible markup language (XML) or hypertext transport protocol (HTTP) is used to construct SOAP messages. Denial of service (DoS) and distributed DoS (DDoS) are two major problems affecting cloud computing services, and it is a challenge to resolve them completely. The identity of the perpetrators of these acts is usually difficult to ascertain especially when the attacks are carried out using spoofed IP addresses. Consequently, differentiating genuine packets from the packets sent by hackers is difficult. The addresses are spoofed with the intention of causing harm to cloud service provider communication channels. Distinguishing legitimate messages from illegitimate messages is an important step towards solving the problem of DDoS attacks. Modulo and CLASSIE methods effectively detect and reduce spoofing attacks using unique rulesets. In this paper, we propose using modulo packet marking and a method called reconstruct and drop (RAD) to differentiate and discard malicious packets. The proposed method improves the detection and filtering of DDoS attacks. Further, the results of comparisons conducted indicate that the proposed method requires fewer bits than Huffman code and its performance is better than that of cloud protector. |
| format |
Article |
| author |
Mazlina, Abdul Majid Naser, Aws Mohamad Fadli, Zolkipli Khan, Nusrat Ullah |
| author_facet |
Mazlina, Abdul Majid Naser, Aws Mohamad Fadli, Zolkipli Khan, Nusrat Ullah |
| author_sort |
Mazlina, Abdul Majid |
| title |
Security Scheme for Protecting Cloud Computing Services Against Bursty DDoS Attacks |
| title_short |
Security Scheme for Protecting Cloud Computing Services Against Bursty DDoS Attacks |
| title_full |
Security Scheme for Protecting Cloud Computing Services Against Bursty DDoS Attacks |
| title_fullStr |
Security Scheme for Protecting Cloud Computing Services Against Bursty DDoS Attacks |
| title_full_unstemmed |
Security Scheme for Protecting Cloud Computing Services Against Bursty DDoS Attacks |
| title_sort |
security scheme for protecting cloud computing services against bursty ddos attacks |
| publisher |
The International Association for Information, Culture, Human and Industry Technology (AICIT) |
| publishDate |
2015 |
| url |
http://umpir.ump.edu.my/id/eprint/7335/1/fskkp-2014-mazlina-Security_Scheme_for_Protecting.pdf http://umpir.ump.edu.my/id/eprint/7335/ https://www.researchgate.net/publication/306259719_Security_Scheme_for_Protecting_Cloud_Computing_Services_Against_Bursty_DDoS_Attacks |
| _version_ |
1643665606107463680 |
| score |
13.211869 |