IJSRSET calls volunteers interested to contribute towards the scientific development in the field of Science, Engineering and Technology

Home > IJSRSET15222                                                     

Identification and Avoidance of DDoS Attack for Secured Data Communication in Cloud


Divya G., Archana S. , Dhanalakshmi S. , Divya D.
  • Abstract
  • Authors
  • Keywords
  • References
  • Details
Distributed Denial of Service(DDoS) attack in a client server environment would collapse the entire system, but as far as cloud is concern it is not that effective but still it will try to disturb the regular activity of the system. We deploy multiple Intrusion Prevention System (IPS) to monitor the activity of the users and filters the request based on the behavior and forwards to the corresponding servers through cloud server. Every server would have allocated certain space in cloud server. IPS monitors the activity of the users to avoid DDoS attacks. This system ensures the detection and avoidance of DDoS attack in the cloud server. Few DDoS attacks are listed and monitored. The behavior patterns are 1.Continuous and same request from single user in a point of time,2.Different query from the same user within a period of time,3.Different queries from different users but from same IP, 4. Request of huge sized file beyond the permitted. Based on these patterns user behaviour is monitored therefore DDoS attack is avoided in cloud.

Divya G., Archana S. , Dhanalakshmi S. , Divya D.

Cloud computing, Distributed denial-of-service attack detection and avoidance, multiple Intrusion Prevention System (IPS)


 [1] J. Francois, I. Aib, and R. Boutaba, ‘‘Firecol, a Collaborative Protection Network for the Detection of Flooding ddos Attacks,’’IEEE/ACM Trans. Netw., vol. 20, no. 6, pp. 168-1641, Dec. 2012.

[2] C. Peng, M. Kim, Z. Zhang, and H. Lei, ‘‘Vdn: Virtual Machine Image Distribution Network for Cloud Data Centers,’’ in Proc.INFOCOM, 2012, pp. 161-169.

[3] S. Subashini and V. Kavitha, ‘‘A Survey on Security Issues in Service Delivery Models of Cloud Computing,’’ J. Netw. Comput.Appl., vol. 34, no. 1, pp. 1-11, Jan. 2011.

[4] G. Carl et al., “Denial-of-service attack-detection techniques,” IEEE Internet Comput., vol. 10, no. 1, pp. 82–89, Jan./Feb. 2006.

[5] T. Peng, C. Leckie, and K. Ramamohanarao, ‘‘Survey of Network-Based Defense Mechanisms Countering the dos and ddos Problems,’’ ACM Comput. Surv., vol. 39, no. 1, pp. 1-3, 2007.

[6] M.A. Rajab, J. Zarfoss, F. Monrose, and A. Terzis, ‘‘My Botnetis Bigger Than Yours (Maybe, Better Than Yours): Why Size Estimates Remain Challenging,’’ in Proc. 1st Conf. HotBots, 2007, p. 5.

[7] D.K.Y. Yau, J.C.S. Lui, F. Liang, and Y. Yam, ‘‘DefendingAgainst Distributed Denial-of-Service Attacks with Max-Min Fair Server- Centric Router Throttles,’’ IEEE/ACM Trans. Netw., vol. 13, no. 1, pp. 29-42, Feb. 2005.

[8] D. Moore, C. Shannon, D.J. Brown, G.M. Voelker, and S. Savage, ‘‘Inferring Internet Denial-of-Service Activity,’’ ACM Trans. Comput. Syst., vol. 20, no. 2, pp. 115-139, May 2006.

[9] S. Ros, F. Cheng, and C. Meinel, “Intrusion Detection in the Cloud,” 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, pp. 729–734, Dec. 2009.

[10] “Detecting Application Denial-of-Service Attacks: A Group-Testing-Based Approach.” Ying Xuan Dept. of Comput. & Inf. Sci. & Eng., Univ. of Florida, Gainesville, FL, USA Incheol Shin ; Thai, M.T. ; Znati, T.

[11] U. Tupakula, V. Varadharajan, and N. Akku, “Intrusion Detection Techniques for Infrastructure as a Service Cloud,” 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing, pp. 744–751, Dec. 2011.

[12] J. Idziorek, M. Tannian, and D. Jacobson, ‘‘Insecurity of Cloud Utility Models,’’ IT Prof., vol. 15, no. 2, pp. 18-23, Mar./Apr. 2012.

[13] S. L. and Z. L. and X. C. and Z. Y. and J. Chen, S. Luo, Z. Lin, X. Chen, Z. Yang, and J. Chen, “Virtualization security for cloud computing service,” in International Conference on Cloud and Service Computing (CSC), 2011, pp. 174–179.

[14] Q. Wang, K. Ren, and X. Meng, ‘‘When Cloud Meets Ebay: Towards Effective Pricing for Cloud Computing,’’ in Proc.INFOCOM, Mar. 2012, pp. 936-944.

[15] A. Shevtekar, K. Anantharam, and N. Ansari, “Low rate TCP Denial-of-Service attack detection at edge routers,” IEEE Commun. Lett.,vol. 9, no. 4, pp. 363–365, Apr. 2005.

[16] Y. Chen, K. Hwang, and W.-S. Ku, “Collaborative detection of DDoSattacks over multiple network domains,” IEEE Trans. Parallel Distrib.Syst., vol. 16, no. 12, pp. 1649–1662, Dec. 2007.S. Yu and W. Zhou, “Entropy-Based collaborative detection of DDoSattacks on community networks,” in Proc. 6th IEEE Int. Conf. PervasiveComputing and Communications (PerCom 2008), 2008, pp.566–571.

[17] R.Wartel, T.Cass, B.Moreira, E. Roche, M. Guijarro, S.Goasguen, and U.Schwickerath, ‘‘Image Distribution Mechanisms in Large Scale Cloud Providers,inProc.CloudCom, 2010, pp.112 117.

[18] J. Zhu, Z. Jiang, and Z. Xiao, ‘‘Twinkle: A Fast Resource Provisioning Mechanism for Internet Services,’’ in Proc. INFOCOM, 2011, pp. 802-810.

[19] H. Khazaei, J.V. Misic, and V.B. Misic, ‘‘Performance Analysis of Cloud Computing Centers using m/g/m/m+r Queuing Systems,’’ IEEE Trans. Parallel Distrib. Syst., vol. 19, no. 5, pp. 936-943, May 2012.

[20] H. Khazaei, J.V. Misic, V.B.Misic, and S. Rashwand, ‘‘Analysis of a Pool Management Scheme for Cloud Computing Centers,’’

IEEE Trans.Parallel Distrib. Syst.,vol.20, no.5, pp. 849-861,May 2013.

[21] H. Sun, J. C. S. Lui, and D. K. Y. Yau, “Defending against low-rate TCP attacks: Dynamic detection and protection,” in Proc. IEEE Int.Conf. Network Protocols (ICNP 2004), 2004, pp. 196–205.

[22] H. Sun, J. C. S. Lui, and D. K. Y. Yau, “Defending against low-rate TCP attacks: Dynamic detection and protection,” in Proc. IEEE Int.Conf. Network Protocols (ICNP 2004), 2004, pp. 196–205.

[23] Dagon, C. Zou, and W. Lee, ‘‘Modeling Botnet Propagation using Time Zones,’’ in Proc. 13th NDSS, 2006, pp. 1-16.


Publication Details

Published in : Volume 1 | Issue 2 | March-April - 2015
Date of Publication Print ISSN Online ISSN
2015-04-25 2395-1990 2394-4099
Page(s) Manuscript Number   Publisher
49-57 IJSRSET15222   Technoscience Academy

Cite This Article

Divya G., Archana S. , Dhanalakshmi S. , Divya D., "Identification and Avoidance of DDoS Attack for Secured Data Communication in Cloud", International Journal of Scientific Research in Science, Engineering and Technology(IJSRSET), Print ISSN : 2395-1990, Online ISSN : 2394-4099, Volume 1, Issue 2, pp.49-57, March-April-2015.
URL : http://ijsrset.com/IJSRSET15222.php