More Web Proxy on the site http://driver.im/

research-article

DDoS/EDoS attack in cloud: affecting everyone out there!

Authors:

Manoj Singh Gaur,

Dheeraj SanghiAuthors Info & Claims

SIN '15: Proceedings of the 8th International Conference on Security of Information and Networks

Pages 169 - 176

https://doi.org/10.1145/2799979.2800005

Published: 08 September 2015 Publication History

Abstract

DDoS attacks have become fatal attacks in recent times. There are large number of incidents which have been reported recently and caused heavy downtime and economic losses. Evolution of utility computing models like cloud computing and its adoption across enterprises is visible due to many promising features. Effects of DDoS attacks in cloud are no more similar to what they were in traditional fixed or on premise infrastructure. In addition to effects on the service, economic or sustainability effects are significant in the form of Economic Denial of Sustainability (EDoS) attacks. We argue that in a multi-tenant public cloud, multiple stakeholders are involved other than the victim server. Some of these important stakeholders are co-hosted virtual servers, physical server(s), network and, cloud service providers. We have shown through system analysis, experiments and simulations that these stakeholders are indeed affected though they are not the actual targets. Effects to other stakeholders include performance interference, web service performance, resource race, indirect EDoS, downtime and, business losses. Cloud scale simulations have revealed that overall energy consumption and no. of VM migrations are adversely affected due to DDoS/EDoS attacks. Losses to these stakeholders should be properly accounted and there is a need to devise methods to isolate these components well.

References

[1]

F. Al-Haidari, M. Sqalli, and K. Salah. Evaluation of the impact of edos attacks against cloud computing services. Arabian Journal for Science and Engineering, pages 1--13, 2014.

[2]

H. Aljahdali, P. Townend, and J. Xu. Enhancing multi-tenancy security in the cloud iaas model over public deployment. In Service Oriented System Engineering (SOSE), 2013 IEEE 7th International Symposium on, pages 385--390, March 2013.

Digital Library

[3]

Z. Anwar and A. Malik. Can a ddos attack meltdown my data center? a simulation study and defense strategies. Communications Letters, IEEE, 18(7): 1175--1178, July 2014.

[4]

A. Beloglazov and R. Buyya. Optimal online deterministic algorithms and adaptive heuristics for energy and performance efficient dynamic consolidation of virtual machines in cloud data centers. Concurrency and Computation: Practice and Experience, 24(13): 1397--1420, 2012.

Digital Library

[5]

C. Burt. Large volume ddos attacks see exceptional growth in first half of 2014: Arbor networks. Onlineonhttp://www.thewhir.com, 2014.

[6]

R. Chiang, S. Rajasekaran, N. Zhang, and H. Huang. Swiper: Exploiting virtual machine vulnerability in third-party clouds with competition for i/o resources. 2014.

[7]

R. Cohen. Cloud attack: Economic denial of sustainability (edos). http://www.elasticvapor.com/2009/01/cloud-attack-economic-denial-of.html, 2009.

[8]

C. Douligeris and A. Mitrokotsa. {DDoS} attacks and defense mechanisms: classification and state-of-the-art. Computer Networks, 44(5): 643--666, 2004.

Digital Library

[9]

D. Gupta, L. Cherkasova, R. Gardner, and A. Vahdat. Enforcing performance isolation across virtual machines in xen. In Middleware 2006, pages 342--362. Springer, 2006.

Digital Library

[10]

J. Idziorek, M. Tannian, and D. Jacobson. Detecting fraudulent use of cloud resources. In Proceedings of the 3rd ACM workshop on Cloud computing security, pages 61--72. ACM, 2011.

Digital Library

[11]

C. Jeong, T. Ha, J. Hwang, H. Lim, and J. Kim. Mars: measurement-based allocation of vm resources for cloud data centers. In Proc. of Student workhop, pages 63--66. ACM, 2013.

Digital Library

[12]

K. Labs. Global it security risks survey 2014 âĂŞdistributed denial of service (ddos) attacks. http://media.kaspersky.com/en/B2B-International-2014-Survey-DDoS-Summary-Report.pdf, 2014.

[13]

Y. Li, X. Tang, and W. Cai. On dynamic bin packing for resource allocation in the cloud. In Proc. of the 26th ACM Symp. Parallelism in algorithms and architectures, pages 2--11. ACM, 2014.

Digital Library

[14]

H. Liu. A new form of dos attack in a cloud and its avoidance mechanism. In Proc. of 2010 workshop on Cloud computing security, pages 65--76. ACM, 2010.

Digital Library

[15]

M. Luo, T. Peng, and C. Leckie. Cpu-based dos attacks against sip servers. In Network Operations and Management Symposium, 2008. NOMS 2008. IEEE, pages 41--48. IEEE, 2008.

[16]

R. Miao, M. Yu, and N. Jain. Nimbus: cloud-scale attack detection and mitigation. In Proceedings of the 2014 ACM conference on SIGCOMM, pages 121--122. ACM, 2014.

Digital Library

[17]

J. Mirkovic and P. Reiher. A taxonomy of ddos attack and ddos defense mechanisms. SIGCOMM Comput. Commun. Rev., 34(2): 39--53, Apr. 2004.

Digital Library

[18]

D. Moore, C. Shannon, D. J. Brown, G. M. Voelker, and S. Savage. Inferring internet denial-of-service activity. ACM Transactions on Computer Systems (TOCS), 24(2): 115--139, 2006.

Digital Library

[19]

P. Muncaster. Computer says âĂIJnoâĂİ: Will we ever be rid of ddos attacks? http://www.infosecurity-magazine.com/magazine-features/computer-says-no-ddos-attacks/, 2015.

[20]

L. Munson. Greatfire.org faces daily $30,000 bill from ddos attack. https://nakedsecurity.sophos.com/2015/03/20/greatfire-org-faces-daily-30000-bill-from-ddos-attack/, 2015.

[21]

P. Nelson. Cybercriminals moving into cloud big time, report says. http://www.networkworld.com/article/2900125/malware-cybercrime/criminals-moving-into-cloud-big-time-says-report.html, 2015.

[22]

F. Palmieri, S. Ricciardi, and U. Fiore. Evaluating network-based dos attacks under the energy consumption perspective: New security issues in the coming green ict area. In BWCCA, International Conference on, pages 374--379, Oct 2011.

Digital Library

[23]

R. Pandrangi. Verisign's q4 2014 ddos trends: Public sector experiences largest increase in ddos attacks. http://blogs.verisigninc.com/blog/entry/verisign_s_q4_2014_ddos, 2015.

[24]

T. Peng, C. Leckie, and K. Ramamohanarao. Survey of network-based defense mechanisms countering the dos and ddos problems. ACM Comput. Surv., 39(1), Apr. 2007.

Digital Library

[25]

R. Riggio, F. De Pellegrini, and D. Siracusa. The price of virtualization: Performance isolation in multi-tenants networks. In Network Operations and Management Symposium (NOMS), 2014 IEEE, pages 1--7. IEEE, 2014.

[26]

R. Shea and J. Liu. Understanding the impact of denial of service attacks on virtual machines. In Proc. 20th International Workshop on Quality of Service, page 27. IEEE Press, 2012.

Digital Library

[27]

R. Shea and J. Liu. Performance of virtual machines under networked denial of service attacks: Experiments and analysis. Systems Journal, IEEE, 7(2): 335--345, 2013.

[28]

G. Somani and S. Chaudhary. Application performance isolation in virtualization. In Cloud Computing, Int. Conf. on, pages 41--48. IEEE, 2009.

Digital Library

[29]

M. Stillwell, D. Schanzenbach, F. Vivien, and H. Casanova. Resource allocation algorithms for virtualized service hosting platforms. J. of Parallel and Distributed Comp., 70(9): 962--974, 2010.

Digital Library

[30]

L. M. Vaquero, L. Rodero-Merino, and R. Buyya. Dynamically scaling applications in the cloud. SIGCOMM Comp Comm Rev, 41(1): 45--52, 2011.

Digital Library

[31]

T. Wood, P. Shenoy, A. Venkataramani, and M. Yousif. Black-box and gray-box strategies for virtual machine migration. In Proceedings of the 4th USENIX NSDI, NSDI, pages 17--17, Berkeley, CA, USA, 2007.

Digital Library

[32]

Z. Xu, H. Wang, Z. Xu, and X. Wang. Power attack: An increasing threat to data centers. In Proc. of NDSS, volume 14, 2014.

[33]

S. Yu, R. Doss, W. Zhou, and S. Guo. A general cloud firewall framework with dynamic resource allocation. In ICC, pages 1941--1945. IEEE, 2013.

[34]

S. Yu, Y. Tian, S. Guo, and D. Wu. Can we beat ddos attacks in clouds? Parallel and Distributed Systems, IEEE Transactions on, PP(99): 1--1, 2013.

Cited By

Lyu QZhou YRen YWang ZGuo Y(2024)Toward Personal Data Sharing Autonomy: A Task-Driven Data Capsule Sharing SystemIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.347252919(9760-9774)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3472529
Bremler-Barr ACzeizler MLevy HTavori J(2024)Exploiting Miscoordination of Microservices in Tandem for Effective DDoS AttacksIEEE INFOCOM 2024 - IEEE Conference on Computer Communications10.1109/INFOCOM52122.2024.10621335(231-240)Online publication date: 20-May-2024
https://doi.org/10.1109/INFOCOM52122.2024.10621335
Jyothi VChowdary N(2024)Vulnerability Classification for Detecting Threats in Cloud Environments Against DDoS Attacks2024 IEEE 13th International Conference on Communication Systems and Network Technologies (CSNT)10.1109/CSNT60213.2024.10546199(368-373)Online publication date: 6-Apr-2024
https://doi.org/10.1109/CSNT60213.2024.10546199
Show More Cited By

Index Terms

DDoS/EDoS attack in cloud: affecting everyone out there!
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks

Recommendations

Enhanced-Adaptive Pattern Attack Recognition Technique E-APART Against EDoS Attacks in Cloud Computing

Cloud Computing is most widely used in current technology. It provides a higher availability of resources to greater number of end users. In the cloud era, security has develop a reformed source of worries. Distributed Denial of Service DDoS and ...
Mitigating Economic Denial of Sustainability (EDoS) in Cloud Computing Using In-cloud Scrubber Service
CICN '12: Proceedings of the 2012 Fourth International Conference on Computational Intelligence and Communication Networks

Cloud computing is not a new technology, it is a new way of delivering computing resources. Elastic cloud computing enables services to be deployed and accessed globally on demand with little maintenance by providing QoS as per service level agreement (...
DDoS Attack and Defense in SDN-Based Cloud
Ubiquitous Networking
Abstract
Software defined networking-based cloud has many advantages over traditional network infrastructure, such as improved network flexibility, programmability, and scalability. However, new security concerns and especially new trends of Distributed ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

SIN '15: Proceedings of the 8th International Conference on Security of Information and Networks

September 2015

350 pages

ISBN:9781450334532

DOI:10.1145/2799979

Conference Chairs:
Oleg Makarevich
Southern Federal University, Russia
,
Ron Poet
University of Glasgow, UK
,
Atilla Elçi
Aksaray University, Turkey
,
Manoj Singh Gaur
Malaviya National Institute of Technology, India
,
Mehmet Orgun
Macquarie University, Australia
,
Program Chairs:
Ludmila Babenko
Southern Federal University, Russia
,
Sadek Ferdous
University of Glasgow, UK
,
Anthony T. S. Ho
University of Surrey, UK
,
Vijay Laxmi
Malaviya National Institute of Technology, India
,
Josef Pieprzyk
Queensland University of Technology, Australia

Copyright © 2015 ACM.

© 2015 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 September 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIN '15

SIN '15: The 8th International Conference on Security of Information and Networks

September 8 - 10, 2015

Sochi, Russia

Acceptance Rates

SIN '15 Paper Acceptance Rate 34 of 92 submissions, 37%;

Overall Acceptance Rate 102 of 289 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

29
Total Citations
View Citations
591
Total Downloads

Downloads (Last 12 months)20
Downloads (Last 6 weeks)1

Reflects downloads up to 12 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Lyu QZhou YRen YWang ZGuo Y(2024)Toward Personal Data Sharing Autonomy: A Task-Driven Data Capsule Sharing SystemIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.347252919(9760-9774)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3472529
Bremler-Barr ACzeizler MLevy HTavori J(2024)Exploiting Miscoordination of Microservices in Tandem for Effective DDoS AttacksIEEE INFOCOM 2024 - IEEE Conference on Computer Communications10.1109/INFOCOM52122.2024.10621335(231-240)Online publication date: 20-May-2024
https://doi.org/10.1109/INFOCOM52122.2024.10621335
Jyothi VChowdary N(2024)Vulnerability Classification for Detecting Threats in Cloud Environments Against DDoS Attacks2024 IEEE 13th International Conference on Communication Systems and Network Technologies (CSNT)10.1109/CSNT60213.2024.10546199(368-373)Online publication date: 6-Apr-2024
https://doi.org/10.1109/CSNT60213.2024.10546199
Saini GSomani G(2024)Resource Targeted Cybersecurity Attacks in Cloud Computing EnvironmentsResource Management in Distributed Systems10.1007/978-981-97-2644-8_9(169-188)Online publication date: 31-May-2024
https://doi.org/10.1007/978-981-97-2644-8_9
Kumar ASomani G(2024)Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource ManagementResource Management in Distributed Systems10.1007/978-981-97-2644-8_12(247-268)Online publication date: 31-May-2024
https://doi.org/10.1007/978-981-97-2644-8_12
Prof. Kaveri Deosarkar Kamlesh Samrit (2023)A Dual Security Protection Mechanism for Cloud-Based Data Storage and SharingInternational Journal of Scientific Research in Science, Engineering and Technology10.32628/IJSRSET2310234(313-322)Online publication date: 1-Apr-2023
https://doi.org/10.32628/IJSRSET2310234
Chattopadhyay ASripada D(2023)Security Analysis and Threat Modelling of Mobile Banking Applications2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT56998.2023.10307577(1-6)Online publication date: 6-Jul-2023
https://doi.org/10.1109/ICCCNT56998.2023.10307577
Kumar ASomani G(2023)Service separation assisted DDoS attack mitigation in cloud targetsJournal of Information Security and Applications10.1016/j.jisa.2023.10343573(103435)Online publication date: Mar-2023
https://doi.org/10.1016/j.jisa.2023.103435
Kamble DPatel RDeshmukh P(2023)Data Sharing and Privacy Preserving Access Policy of Cloud Computing Using SecurityTechno-societal 202210.1007/978-3-031-34644-6_31(281-289)Online publication date: 23-Sep-2023
https://doi.org/10.1007/978-3-031-34644-6_31
Xylogiannopoulos KKarampelas PAlhajj R(2021)Advanced Network Data Analytics for Large-Scale DDoS Attack DetectionResearch Anthology on Combating Denial-of-Service Attacks10.4018/978-1-7998-5348-0.ch019(358-370)Online publication date: 2021
https://doi.org/10.4018/978-1-7998-5348-0.ch019
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents