DETECTING AND CONTAINING MALICIOUS SERVICES IN AN INTERCLOUD ENVIRONMENT

Authors

  • LOHIT KAPOOR Thapar University, Patiala, India Model Institute of Engineering and Technology, Jammu, India
  • SEEMA BAWA Thapar University, Patiala, India
  • ANKUR GUPTA Model Institute of Engineering and Technology, Jammu, India

Keywords:

Application/service profiling, detecting DoS/DDoS attacks, cloud security

Abstract

In the recent past there have been several instances of hackers using cloud computing to launch DoS/DDoS attacks on targets worldwide. The seemingly infinite compute resources on offer make cloud computing an attractive option for launching planetary-scale attacks. Cloud Service Providers (CSP) which rent out computing resources, need to ensure that their platforms are not used by malicious users/services in launching attacks. This paper proposes a novel mechanism for detection and containment of malicious applications based on application profiling. Further, a global blacklist of malicious applications and their performance profiles is maintained and continuously updated to collaboratively aid in quick detection across CSPs. This privacy-preserving scheme effectively neutralizes malicious applications preventing them from misusing the large computational resources on offer.

 

Downloads

Download data is not yet available.

References

http://wraltechwire.com/report-chinese-hackers-using-cloud-to-spy-on-u-s-/13134654/ (13-Feb-

http://www.businessweek.com/news/2013-11-20/chinese-hackers-seen-exploiting-cloudcomputing-

to-spy-on-u-dot-s (13-Feb-2015)

Sabahi, F., “Cloud computing security threats and responses”, International conference

onCommunication Software and Networks (ICCSN), IEEE,2011, pp: 245-249

ChiragModi, Dhiren Patel, Hiren Patel, BhaveshBorisaniya, Avi Patel, MuttukrishnanRajarajan,

“A survey of intrusion detection techniques in Cloud”, Journal of Network and Computer

Applications, Elsevier, 2013, pp: 42-57.

S. Subashini , V. Kavitha, “A survey on security issues in service delivery models of cloud

computing”, Journal of Network and Computer Applications, Elsevier, 2011, pp:1-11.

http://cloudtimes.org/2013/06/22/attack-as-a-service-criminals-in-the-cloud/ (13-Feb-2015)

Lachlan James, Alice Hutchings and Russell G Smith, ”Cloud Computing Threat for Small

Business-Final Report”, Australian Research Council, Center of Excellence in Policing and

Security and Australian Institute of Criminology, 2012,

https://www.academia.edu/3620146/Final_report_Cloud_computing_threat_assessment_for_smal

l_business

Bakshi A, Dujodwala YB, “Securing cloud from ddos attacks using intrusion detection systemin

virtual machine”. In: Proceedings of the 2010 second international conference on communication

software and networks, ICCSN’10, IEEE, 2010, pp 260–264.

AmanBakshi, Yogesh B. Dujodwala, “Securing cloud from DDoS Attacks using Intrusion

Detection System in Virtual Machine”, ICCSN ’10 Proceeding of the 2010 Second International

Conference on Communication Software and networks, pp. 260-264, 2010, IEEE Computer

Society, USA, 2010. ISBN: 978-0-7695-3961-4.

Claudio Mazzariello, Roberto Bifulco and Roberto Canonico, “Integrating a Network IDS into an

Open Source Cloud Computing Environment”, Sixth International Conference on Information

Assurance and Security, USA, pp. 265-270, Aug. 23-25, 2010. DOI:

1109/ISIAS.2010.5604069.

D. Nurmi, R. Wolski, C. Grzegorczyk, G. Obertelli, S.Soman, L. Youseff, and D. Zagorodnov,

“The Eucalyptus open-source cloud-computing system”, in Proceedings of the 9th IEEE/ACM

International Symposium on Cluster Computing and the Grid (CCGRID ’09), pp. 124–131, 2009.

http://sourceforge.net/projects/highorbitioncannon/

Claudio Mazzariello, Roberto Bifulco and Roberto Canonico, “Integrating a Network IDS into an

Open Source Cloud Computing Environment”, Sixth International Conference on Information

Assurance and Security, USA, pp. 265-270, Aug. 23-25, 2010. DOI:

1109/ISIAS.2010.5604069.

http://www.rackspace.com/managed_hosting/services/security/ddosmitigation/(13-Feb-2015)

http://www.cloudflare.com/ddos(13-Feb-2015)

http://www.prolexic.com/why-prolexic-best-dos-and-ddos-scrubbing-centers.html(13-Feb-2015)

LanjuanYang,Tao Zhang, Jinyu Song, JinShuangWang, Ping Chen, “Defense of DDoS Attack for

Cloud Computing”, IEEE international conference on Computer Science and Automation

Engineering, 2012, pp: 626-629.

http://oss.oetiker.ch/rrdtool/

http://azure.microsoft.com/en-in/

http://aws.amazon.com/ec2/

http://www.gogrid.com

https://www.openstack.org/

https://raylin.wordpress.com/downloads/md5-sha-1-checksum-utility/

http://sourceforge.net/projects/loic/

http://sourceforge.net/projects/xoic/

http://packetstormsecurity.com/files/112856/HULK-Http-Unbearable-Load-King.html

https://code.google.com/p/r-u-dead-yet/

http://packetstormsecurity.com/files/98831/

http://sourceforge.net/projects/pyloris/

https://code.google.com/p/owasp-dos-http-post/

http://packetstormsecurity.com/files/123084/DAVOSET-1.1.3.html

http://packetstormsecurity.com/files/120966/GoldenEye-HTTP-Denial-Of-Service-Tool.html

http://www.cut-the-knot.org/do_you_know/far_near.shtml#euclidean

Luca Deri, Simone Mainardi1, and Francesco Fusco, “TSDB: A Compressed Database for Time

Series”, TMA 2012, LNCS 7189, 2012, pp. 143–156

http://crazy-taxi.en.softonic.com/

http://world-of-warcraft.en.softonic.com

https://www.rivalhost.com/blog/12-types-of-ddos-attacks-used-by-hackers/

https://www.stateoftheinternet.com/types-of-ddos-attacks.html

C. Douligeris, A. Mitrokotsa, “DDoS attacks and defense mechanisms: classification and stateof-

the-art”, in: Computer Networks, Elsevier, pp: 643–666

http://royal.pingdom.com/ 2007/06/01/theoretical-vs-real-world-speed-limit-of-ping

Downloads

Published

2016-02-17

Issue

Section

Articles