A multilevel thrust filtration defending mechanism against DDoS attacks in cloud computing environment

Iyengar, N. Ch. S. N.; Ganapathy, Gopinath; Kumar, Punit; Abraham, Ajith

doi:10.1504/ijguc.2014.065384

Cited by 29 publications

(6 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Among other approaches, the work of Iyengare et al [22] proposes a Multilevel Thrust Filtration (MTF) that contains four detection and prevention modules, which are traffic analysis, anomaly detection, anomaly classification, and attack prevention. The proposed method filters the incoming packets and detects four types of traffic congestion, which are spoofing, ash crowd, DDoS, and aggressive legitimate traffic.…”

Section: Related Workmentioning

confidence: 99%

An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment

2018

View full text Add to dashboard Cite

Cloud Computing enables providers to rent out space on their virtual and physical infrastructures. Denial of Service (DoS) attacks threaten the ability of the cloud to respond to clients requests, which results in considerable economic losses. The existing detection approaches are still not mature enough to satisfy a cloud-based detection systems requirements since they overlook the changing/dynamic environment, that characterises the cloud as a result of its inherent characteristics. Indeed, the patterns extracted and used by the existing detection models to identify attacks, are limited to the current VMs infrastructure but do not necessarily hold after performing new adjustments according to the pay-as-you-go business model. Therefore, the accuracy of detection will be negatively affected. Motivated by this fact, we present a new approach for detecting DoS attacks in a virtualized cloud under changing environment. The proposed model enables monitoring and quantifying the effect of resources adjustments on the collected data. This helps filter out the effect of adjustments from the collected data and thus enhance the detection accuracy in dynamic environments. Our solution correlates as well VMs application metrics with the actual resources load, which enables the hypervisor to distinguish between benignant high load and DoS attacks. It helps also the hypervisor identify the compromised VMs that try to needlessly consume more resources. Experimental results show that our model is able to enhance the detection accuracy under changing environments.

show abstract

Section: Related Workmentioning

confidence: 99%

An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment

2018

View full text Add to dashboard Cite

show abstract

“…Similarly, in order to extract the PS s, all sentences containing the verb term “propose” or “present” or “develop” or “address” or “design” are extracted since authors commonly demonstrate their contributions, novelty or solutions by using these verbs. For instance, “ In this paper, we propose “Multilevel Thrust Filtration (MTF) mechanism” as a solution, which authenticates the incoming… (Iyengar et al, 2014 )” briefly summarizes the solution proposed in the article using the verb “propose.” The solutions or techniques proposed to solve research problems in academic articles are most likely represented in the sentences as such.…”

Section: Methodsmentioning

confidence: 99%

From Big Scholarly Data to Solution-Oriented Knowledge Repository

et al. 2019

View full text Add to dashboard Cite

The volume of scientific articles grow rapidly, producing a scientific basis for understanding and identifying the research problems and the state-of-the-art solutions. Despite the considerable significance of the problem-solving information, existing scholarly recommending systems lack the ability to retrieve this information from the scientific articles for generating knowledge repositories and providing problem-solving recommendations. To address this issue, this paper proposes a novel framework to build solution-oriented knowledge repositories and provide recommendations to solve given research problems. The framework consists of three modules: a semantics based information extraction module mining research problems and solutions from massive academic papers; a knowledge assessment module based on the heterogeneous bibliometric graph and a ranking algorithm; and a knowledge repository generation module to produce solution-oriented maps with recommendations. Based on the framework, a prototype scholarly solution support system is implemented. A case study is carried out in the research field of intrusion detection, and the results demonstrate the effectiveness and efficiency of the proposed method.

show abstract

“…This metric, which can also be expressed as the rate of serviced requests, is used by authors to demonstrate the enhanced performance of the cloud service in defense and nondefense scenarios when detection and mitigation of attacks occur [115], [122]. Research also considers the goodput metric as a means of measuring the rate of legitimate requests that the system serves [123]. Good performance yields high goodput rates.…”

Section: ) Attack Mitigationmentioning

confidence: 99%

“…Cloud resource consumption: Authors use this metric in defense and non-defense scenarios as a way of demonstrating how the defense system alleviates the impact that DDoS attacks have on cloud service performance. It is typically expressed through CPU consumption [126] or network bandwidth utilization [123], [124] and [127]. It can be evaluated while the type of attack is made to vary [128].…”

Section: ) Attack Mitigationmentioning

confidence: 99%

“…• Processing time: Authors measure the processing time involved for the defense method to conduct computational cost and time analysis [100], [101], [103], [107], [123], [129] and [130] or the testing and data training time if data classification techniques are used. Usually, the average processing time (or detection time) is measured while increasing network congestion, client request rates [119], [126], or attack intensity [131].…”

Section: ) Deployment Costmentioning

confidence: 99%

See 1 more Smart Citation

Comprehensive Review of Artificial Intelligence and Statistical Approaches in Distributed Denial of Service Attack and Defense Methods

et al. 2019

View full text Add to dashboard Cite

Until now, an effective defense method against Distributed Denial of Service (DDoS) attacks is yet to be offered by security systems. Incidents of serious damage due to DDoS attacks have been increasing, thereby leading to an urgent need for new attack identification, mitigation, and prevention mechanisms. To prevent DDoS attacks, the basic features of the attacks need to be dynamically analyzed because their patterns, ports, and protocols or operation mechanisms are rapidly changed and manipulated. Most of the proposed DDoS defense methods have different types of drawbacks and limitations. Some of these methods have signature-based defense mechanisms that fail to identify new attacks and others have anomaly-based defense mechanisms that are limited to specific types of DDoS attacks and yet to be applied in open environments. Subsequently, extensive research on applying artificial intelligence and statistical techniques in the defense methods has been conducted in order to identify, mitigate, and prevent these attacks. However, the most appropriate and effective defense features, mechanisms, techniques, and methods for handling such attacks remain to be an open question. This review paper focuses on the most common defense methods against DDoS attacks that adopt artificial intelligence and statistical approaches. Additionally, the review classifies and illustrates the attack types, the testing properties, the evaluation methods and the testing datasets that are utilized in the methodology of the proposed defense methods. Finally, this review provides a guideline and possible points of encampments for developing improved solution models of defense methods against DDoS attacks. INDEX TERMS DDoS attack, DDoS defense, artificial intelligence technique, statistical technique.

show abstract

A multilevel thrust filtration defending mechanism against DDoS attacks in cloud computing environment

Cited by 29 publications

References 19 publications

An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment

An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment

From Big Scholarly Data to Solution-Oriented Knowledge Repository

Comprehensive Review of Artificial Intelligence and Statistical Approaches in Distributed Denial of Service Attack and Defense Methods

Contact Info

Product

Resources

About