Economic Denial of Sustainability Attacks Mitigation in the Cloud

Cyber security is one of the most attention seeking issues with the increasing advancement of technology specifically when the network availability is threaten by attacks such as Denial of Service attacks (DoS), Distributed DoS attacks (DDoS), and Economic Denial of Sustainability (EDoS). The loss of the availability and accessibility of cloud services have greater impacts than those in the traditional enterprises networks. This paper introduces a new technique to mitigate the impacts of attacks which is called Enhanced DDoS-Mitigation System (Enhanced DDoS-MS) that helps in overcoming the determined security gap. The proposed technique is evaluated experimentally and the result shows that the proposed method adds lower delays as a result of the enhanced security. The paper also suggests some future directions to improve the proposed framework

Controlled access to cloud resources for mitigating economic denial of sustainability (EDoS) attacks

Cloud computing is a paradigm that provides scalable IT resources as a service over the Internet. Vulnerabilities in the cloud infrastructure have been readily exploited by the adversary class. Therefore, providing the desired level of assurance to all stakeholders through safeguarding data (sensitive or otherwise) which is stored in the cloud, is of utmost importance. In addition, protecting the cloud from adversarial attacks of diverse types and intents, cannot be understated. Economic Denial of Sustainability (EDoS) attack is considered as one of the concerns that has stalled many organizations from migrating their operations and/or data to the cloud. This is because an EDoS attack targets the financial component of the service provider. In this work, we propose a novel and reactive approach based on a rate limit technique, with low overhead, to detect and mitigate EDoS attacks against cloud-based services. Through this reactive scheme, a limited access permission for cloud services is granted to each user. Experiments were conducted in a laboratory cloud setup, to evaluate the performance of the proposed mitigation technique. Results obtained show that the proposed approach is able to detect and prevent such an attack with low cost and overhead. © 2016 Elsevier B.V. All rights reserved

Machine learning-based EDoS attack detection technique using execution trace analysis

One of the most important benefits of using cloud computing is the benefit of on-demand services. Accordingly, the method of payment in the cloud environment is pay per use. This feature results in a new kind of DDOS attack called Economic Denial of Sustainability (EDoS), in which the customer pays extra to the cloud provider as a result of the attack. Similar to other DDoS attacks, EDoS attacks are divided into different types, such as (1) bandwidth-consuming attacks, (2) attacks that target specific applications, and 3) connection-layer exhaustion attacks. In this work, we propose a novel framework to detect different types of EDoS attacks by designing a profile that learns from and classifies the normal and abnormal behaviors. In this framework, the extra demanding resources are only allocated to VMs that are detected to be in a normal situation and therefore prevent the cloud environment from attack and resource misuse propagation

Towards applying FCM with DBSCAN for Detecting DDoS Attack in Cloud Infrastructure to Improve Data Transmission Rate

Cloud is a pay-to-use technology which can be used to offer IT resources instead of buying computer hardware. It is time saving and cheaper technology. This paper analyzes the DDoS attack on cloud infrastructure and can be detected by using FCM with DBSCAN hybrid algorithm that classifies the clusters of data packets and detects the outlier in that particular data packet. The experimental outcome shows that the enhanced hybrid approach has better results in detecting the DDoS attack. The DDoS attack targets the main host of the cloud infrastructure by sending unwanted packets. This attack is a major threat to the network security. The FCM with DBSCAN hybrid approach detects outliers and also assigns one specific data point in clusters to detect DDoS attack in cloud infrastructure. By using this hybrid approach the data can be grouped as clusters and the data beyond the noise level can also be detected. This algorithm helps in identifying the data that are vulnerable to DDoS attack. This detection helps in improving the data transmission rate

Pattern Analytical Module for EDOS Attacker Recognition

Abstract: Cloud computing has provided a platform to its users where they are charged on the basis of usage of the cloud resources; this is known as "pay-as-you-use". Today, Cloud computin