Evaluation of Experiments on Detecting Distributed Denial of Service (DDoS) Attacks in Eucalyptus Private Cloud

  • Conference paper
Soft Computing Applications

Abstract

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks appear to be the main threats to cloud computing. Cloud services are protected against DoS and DDoS attacks using Intrusion Detection Systems (IDSs). This paper evaluates the experimental results of our proposed quantitative solution. The experiments are performed in a private cloud model deployed using the open-source Eucalyptus platform, with virtual machine based IDSs (VMs-based IDS) created in three nodes, and with the MySQL database and the graphical interfaces for monitoring the alerts installed and configured on the front-end server. After a set of DDoS attacks is launched against the VMs-based IDS, we analyze all the alerts collected from the VMs-based IDS.

Corresponding author

Correspondence to Alina Mădălina Lonea.

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lonea, A.M., Popescu, D.E., Prostean, O., Tianfield, H. (2013). Evaluation of Experiments on Detecting Distributed Denial of Service (DDoS) Attacks in Eucalyptus Private Cloud. In: Balas, V., Fodor, J., Várkonyi-Kóczy, A., Dombi, J., Jain, L. (eds) Soft Computing Applications. Advances in Intelligent Systems and Computing, vol 195. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33941-7_34

  • DOI: https://doi.org/10.1007/978-3-642-33941-7_34

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-33940-0

  • Online ISBN: 978-3-642-33941-7

  • eBook Packages: Engineering, Engineering (R0)