Back
 JIS  Vol.9 No.1 , January 2018
A Survey of Cloud Computing Detection Techniques against DDoS Attacks
Abstract:
A Distributed Denial of Service Attack (DDoS) is an attack in which multiple systems compromised by a Trojan are maliciously used to target a single system. The attack leads to the denial of a certain service on the target system. In a DDoS attack, both the target system and the systems used to perform the attack are all victims of the attack. The compromised systems are also called Botnets. These attacks occur on networked systems, among them the cloud computing facet. Scholars have tried coming up with separate mechanisms for detecting and preventing such attacks long before they occur. However, as technology progresses in advancement so do the attack mechanisms. In cloud computing, security issues affect various stakeholders who plan on cloud adoption. DDoS attacks are such serious concerns that require mitigation in the cloud. This paper presents a survey of the various mechanisms, both traditional and modern, that are applied in detecting cloud-based DDoS attacks.
Cite this paper: Alzahrani, S. and Hong, L. (2018) A Survey of Cloud Computing Detection Techniques against DDoS Attacks. Journal of Information Security, 9, 45-69. doi: 10.4236/jis.2018.91005.
References

[1]   Subramaniam, T. and Bethany, D. (2016) Preventing Distributed Denial of Service Attacks in Cloud Environments. International Journal of Information Technology, Control and Automation, 6, 23-32. https://doi.org/10.5121/ijitca.2016.6203

[2]   Sivamohan, S., Veeramani, R., Liza, K., Krishnaveni, S. and Jothi, B. (2016) Data Mining Technique for DDoS Attack in Cloud Computing. International Journal of Computer Technology and Applications, 9, 149-156.

[3]   Masdari, M. and Marzie, J. (2016) A Survey and Taxonomy of DoS Attacks in Cloud Computing. Security and Communication Networks, 2, 3274-3751.
https://doi.org/10.1002/sec.1539

[4]   Bonquet, A. and Martine, B. (2017) A Survey of Denial-of-Service and Distributed Denial of Service Attacks and Defense in Cloud Computing. Future Internet, 9, 1-9.
https://doi.org/10.3390/fi9030043

[5]   Kaur, A. and Anupama, K. (2015) A Review on Various Attack Detection Techniques in Cloud Architecture. International Journal of Advanced Research in Computer Engineering & Technology, 4, 3861-3867.

[6]   Kene, S.G. and Deepti, P.T. (2015) A Review on Intrusion Detection Techniques for Cloud Computing and Security Challenges. 2nd International Conference on Electronics and Communication Systems, Coimbatore, 26-27 Februaty 2015, Vol. 2, 227-231.
https://doi.org/10.1109/ECS.2015.7124898

[7]   Deshmukh, R.V. and Kailas, K.D. (2015) Understanding DDoS Attack & Its Effect in Cloud Environment. Procedia Computer Science, 49, 202-210.
https://doi.org/10.1016/j.procs.2015.04.245

[8]   Sattar, I., et al. (2015) A Review of Techniques to Detect and Prevent Distributed Denial of Service (DDoS) Attack in Cloud Computing Environment. International Journal of Computer Applications, 115, 23-27.
https://doi.org/10.5120/20173-2370

[9]   Navaz, S., et al. (2013) Entropy Based Anomaly Detection System to Prevent DDoS Attacks in Cloud. International Journal of Computer Applications, 15, 42-47.

[10]   Ankita, P. and Fenil, K. (2015) Survey on DDoS Attack Detection and Prevention in Cloud. International Journal of Engineering Technology, Management, and Applied Sciences, 3, 43-47.

[11]   Modi, C., Dhiren, P., Bhavesh, B., Avi, P. and Muttukrishnan, R. (2013) A Survey on Security Issues and Solutions at Different Layers of Cloud Computing. The Journal of Supercomputing, 63, 561-592. https://doi.org/10.1007/s11227-012-0831-5

[12]   Kacha, C.C., et al. (2013) Improved Snort Intrusion Detection System using Modified Pattern Matching Technique. International Journal of Emerging Technology and Advanced Engineering, 3, 81-88.

[13]   Parwani, D., et al. (2015) Various Techniques of DDoS Attacks Detection and Prevention at Cloud: A Survey. Oriental Journal of Computer Science & Technology, 8, 110-120.

[14]   Dewal, P., et al. (2016) A Survey of Intrusion Detection Systems and Secure Routing Protocols in Wireless Sensor Networks. International Journal for Research in Emerging Science and Technology, 3, 16-20.

[15]   Modi, K. and Abdul, Q. (2014) Detection and Prevention of DDoS Attacks on the Cloud using Double-TCP Mechanism and HMM-Based Architecture. International Journal of Cloud Computing and Services Science, 3, 113-120.

[16]   Chawla, I., et al. (2015) DDoS Attacks in Cloud and Mitigation Techniques. International Journal of Innovative Science, Engineering & Technology, 2, 596-600.

[17]   Reddy, S.V., et al. (2012) Efficient Detection of Ddos Attacks by Entropy Variation. IOSR Journal of Computer Engineering, 7, 45-67.
https://doi.org/10.9790/0661-0711318

[18]   Girma, A., et al. (2015) Analysis of DDoS Attacks and an Introduction of a Hybrid Statistical Model to Detect DDoS Attacks on Cloud Computing Environment. 12th International Conference on Information Technology—New Generations, Las Vegas, 13-15 April 2015, 212-217.
https://doi.org/10.1109/ITNG.2015.40

[19]   Nitesh, B., et al. (2017) Mitigating Distributed Denial of Service Attack in Cloud Computing Environment using Threshold based Technique. Indian Journal of Science and Technology, 3, 1-7.

[20]   Iyengar, N. and Gopinath, G. (2015) Trilateral Trust Based Defense Mechanism against DDoS Attacks in Cloud Computing Environment. Cybernetics and Information Technologies, 15, 122.
https://doi.org/10.1515/cait-2015-0033

[21]   Al-Hemairy, M., et al. (2009) Towards More Sophisticated ARP Spoofing Detection/Prevention Systems in LAN Networks. International Conference on the Current Trends in Information Technology, Dubai, 15-16 December 2009, 1-6.
https://doi.org/10.1109/CTIT.2009.5423112

[22]   Jeyanthi, N. and Chris, M. (2014) A Virtual Firewall Mechanism using Army Nodes to Protect Cloud Infrastructure from DDoS Attacks. Cybernetics and Information Technologies, 14, 71-85.
https://doi.org/10.2478/cait-2014-0034

[23]   David, J. and Ciza, T. (2015) DDoS Attack Detection using Fast Entropy Approach on Flow-Based Network Traffic. Procedia Computer Science, 50, 30-36.
https://doi.org/10.1016/j.procs.2015.04.007

[24]   Singh, N., et al. (2015) Comprehensive Study of Various Techniques for Detecting DDoS Attacks in Cloud Environment. International Journal of Grid and Distributed Computing, 8, 119-126.
https://doi.org/10.14257/ijgdc.2015.8.3.12

[25]   Adetunmbi, A.O., et al. (2008) Network Intrusion Detection Based on Rough Set and K-Nearest Neighbor. International Journal of Computing and ICT Research, 2, 60-66.

[26]   Gourkhede, M.H. and Peter, T. (2014) Preserving Privacy and Illegal Content Distribution for Cloud Environment. International Journal of Computing and Technology, 1, 124-148.

[27]   Gayatri, P., et al. (2015) Comprehensive Comparative Study on Intrusion Detection System in Cloud Computing. International Journal for Research in Applied Science & Engineering Technology, 3, 926-930.

[28]   Parwani, D. and Amit, D. (2017) Prevention Mechanisms of DDoS Attacks: A Critical Review. International Journal of Science, Engineering and Technology, 5, 99-112.

[29]   Dastjerdi, A.V., et al. (2009) Distributed Intrusion Detection in Clouds using Mobile Agents. 3rd International Conference on Advanced Engineering Computing and Applications in Sciences, Sliema, 11-16 October 2009, 175-180.
https://doi.org/10.1109/ADVCOMP.2009.34

[30]   Karthi, M.M., et al. (2013) Intrusion Detection System for Cloud System using Intelligent Agents. International Journal Of Engineering And Computer Science, 2, 1868-1873.

[31]   Sahardi, R.M. and Vahid, G. (2013) New Approach to Mitigate XML-DOS and HTTP-DOS Attacks for Cloud Computing. International Journal of Computer Applications, 72, 27-31.
https://doi.org/10.5120/12579-9201

[32]   Subapriya, S. and Nathan, R. (2014) DNIDPS: Distributed Network Intrusion Detection and Prevention System. International Journal of Innovative Science, Engineering & Technology, 6, 56-67.

[33]   Lonea, A.M., et al. (2012) Detecting DDoS Attacks in Cloud Computing Environment. International Journal of Computers Communications & Control, 8, 70.
https://doi.org/10.15837/ijccc.2013.1.170

[34]   Patel, S. and Fenil, K. (2016) A Review Paper of an Encryption Scheme using Network Coding for Energy Optimization in MANET. International Conference on Wireless Communications, Signal Processing and Networking, Chennai, 23-25 March 2016, Vol. 34, 45-67.
https://doi.org/10.1109/WiSPNET.2016.7566298

[35]   Csubak, D., Szucs, K., Voros, P. and Kiss, A. (2016) Big Data Testbed for Network Attack Detection. Acta Polytechnica Hungarica, 13, 47-57.

[36]   Chen, Z., Xu, G., Mahalingam, V., Ge, L., Nguyen, J., Yu, W. and Lu, C. (2016) A Cloud Computing Based Network Monitoring and Threat Detection System for Critical Infrastructures. Big Data Research, 3, 10-23.
https://doi.org/10.1016/j.bdr.2015.11.002

[37]   Osanaiye, O., Choo, K.R. and Dlodlo, M. (2016) Distributed Denial of Service (DDoS) Resilience in Cloud: Review and Conceptual Cloud DDoS Mitigation Framework. Journal of Network and Computer Applications, 67, 147-165.
https://doi.org/10.1016/j.jnca.2016.01.001

[38]   Cepheli, O., Buyukcorak, S. and Kurt, K.G. (2016) Hybrid Intrusion Detection System for DDoS Attacks. Journal of Electrical and Computer Engineering, 2016, Article ID: 1075648.
https://doi.org/10.1155/2016/1075648

[39]   Hameed, S. and Ali, U. (2016) Efficacy of Live DDoS Detection with Hadoop. IEEE/IFIP Network Operations and Management Symposium, Istanbul, 25-29 April 2016.
https://arxiv.org/pdf/1506.08953.pdf

[40]   Korad, S., Kadam, S., Deore, P., Jadhav, M. and Patil, R. (2016) Detection of Distributed Denial of Service Attack with Hadoop on Live Network. International Journal of Innovative Research in Computer and Communication Engineering, 4, 92-98.

[41]   Veetil, S. and Gao, Q. (2014) Real-Time Network Intrusion Detection using Hadoop-Based Bayesian Classifier. In: Akhgar, B. and Arabnia, H.R., Eds., Emerging Trends in ICT Security, Elsevier Inc., 281-299.
https://doi.org/10.1016/B978-0-12-411474-6.00018-9

[42]   Singh, K., Guntuku, S.C., Thakur, A. and Hota, C. (2014) Big Data Analytics Framework for Peer-to-Peer Botnet Detection using Random Forests. Information Sciences, 278, 488-497.
https://doi.org/10.1016/j.ins.2014.03.066

[43]   Jia, B., Ma, Y., Huang, X., Lin, Z. and Sun, Y. (2016) A Novel Real-Time DDoS Attack Detection Mechanism Based on MDRA Algorithm in Big Data. Mathematical Problems in Engineering, 2016, Article ID: 1467051.
https://doi.org/10.1155/2016/1467051

[44]   Jin, W. and Yu, Z. (2016) The Analysis of Information System Security Issue Based on Economics. International Conference on Information Engineering and Communications Technology, Kunming, 21-22 2016.
https://doi.org/10.12783/dtetr/iect2016/3801

[45]   Prasad, K.M., Reddy, R.A. and Rao, K.V. (2014) DoS and DDoS Attacks: Defense, Detection and Traceback Mechanisms—A Survey. Global Journal of Computer Science and Technology: E Network Web & Security, 14, 16-32.

 
 
Top