Abstract
Distributed denial of service (DDoS) attacks are one of the prominent risk factors for the development of cloud services. It is very hard for novice cloud users to identify the real source of a DDoS attack because the attacker spoofs the Internet Protocol and Media Access Control addresses. To address this problem, we propose a third party auditor-based packet traceback approach. The method uses the Weibull distribution to analyze the source of the DDoS attack. The approach provides an efficient and fruitful solution because of its strong identification factor. The identification factor depends on the weaknesses left by the intruder. We analyze the traffic pattern to generate attack alerts for different cloud users. The advantage of this approach is that it reduces the overhead on the cloud user. With the help of the Weibull distribution, we can easily obtain the availability, reliability and median life of DDoS defense in the cloud environment. To demonstrate our approach, we implement an application based on the Hadoop and MapReduce framework. We tested this application on various parameters. Our method has shown a tremendous improvement over other state-of-the-art methods. The experimental results are included to show the effectiveness of the proposed method for DDoS attack prevention and mitigation.
Acknowledgements
The authors would like to thank the Indian Institute of Technology Indore for their financial and infrastructure support.
About this article
Cite this article
Saxena, R., Dey, S. DDoS prevention using third party auditor in cloud computing. Iran J Comput Sci 2, 231–244 (2019). https://doi.org/10.1007/s42044-019-00039-w
DOI: https://doi.org/10.1007/s42044-019-00039-w