Controlled access to cloud resources for mitigating economic denial of sustainability (EDoS) attacks

Cloud computing is a paradigm that provides scalable IT resources as a service over the Internet. Vulnerabilities in the cloud infrastructure have been readily exploited by the adversary class. Therefore, providing the desired level of assurance to all stakeholders through safeguarding data (sensitive or otherwise) which is stored in the cloud, is of utmost importance. In addition, protecting the cloud from adversarial attacks of diverse types and intents, cannot be understated. Economic Denial of Sustainability (EDoS) attack is considered as one of the concerns that has stalled many organizations from migrating their operations and/or data to the cloud. This is because an EDoS attack targets the financial component of the service provider. In this work, we propose a novel and reactive approach based on a rate limit technique, with low overhead, to detect and mitigate EDoS attacks against cloud-based services. Through this reactive scheme, a limited access permission for cloud services is granted to each user. Experiments were conducted in a laboratory cloud setup, to evaluate the performance of the proposed mitigation technique. Results obtained show that the proposed approach is able to detect and prevent such an attack with low cost and overhead. © 2016 Elsevier B.V. All rights reserved

The Design of a rule-based and event-driven trust management framework

In both e-commerce (EC) and service-oriented computing (SOC) environments, sellers or service providers interact with customers or service clients for services or transactions. From the point view of customers or service clients, the trust status of the seller or service provider is a critical issue to consider, particularly when the seller or service provider is unknown to them. Typically, the trust evaluation is based on the feedback on the service quality provided by customers and clients. Traditionally, the trust evaluation method is based on formulas only. This might be rigid to some complex applications, like SOC. In this paper, we propose a novel integrated trust management framework that is event-driven and rule-based. In this framework, the trust computation is based on formulas. But rules are defined to determine which formula and arguments to use according to the event occurred during the transaction or service. In addition, we also propose some trust evaluation metrics and a formula. A set of empirical studies has been conducted to study the properties of the proposed formula and how to control the trust change trend in both trust increment and decrement cases. The proposed framework is more generic and suitable for different domains and complex trust evaluation systems.8 page(s