Mitigating TCP SYN flooding based EDOS attack in cloud computing environment using binomial distribution in SDN

Shah, Sayed Qaiser Ali; Khan, Farrukh Zeeshan; Ahmad, Muneer

doi:10.1016/j.comcom.2021.11.008

Cited by 15 publications

(9 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• EDOS-TSM: Shah et al 83 introduces EDoS-TCP SYN mitigation model (EDOS-TSM), an SDN-based statistical anomaly detection methodology for quick and effective TCP SYN flooding attack mitigation. To identify source-based and spoofing-based attacks, EDOS-TSM employs binomial probability, TTL field values from IP packet headers, and multiple TCP SYN requests.…”

Section: Levelmentioning

confidence: 99%

“…The proposed approach implements a gated recurrent unit which helps in reducing the vanishing gradient problem and can also capture complex temporal dependence relations. To reduce the error rate, a self‐adjusting threshold is also introduced, whereas the present solutions generally utilize a fixed threshold to analyze the anomalies, which somehow results in increased error rates. EDOS‐TSM : Shah et al 83 introduces EDoS‐TCP SYN mitigation model (EDOS‐TSM), an SDN‐based statistical anomaly detection methodology for quick and effective TCP SYN flooding attack mitigation. To identify source‐based and spoofing‐based attacks, EDOS‐TSM employs binomial probability, TTL field values from IP packet headers, and multiple TCP SYN requests.…”

Section: Defense Mechanism For Indirect Attackmentioning

confidence: 99%

See 1 more Smart Citation

Uncovering collateral damages and advanced defense strategies in cloud environments against DDoS attacks: A comprehensive review

Verma,

Bharot,

Breslin

et al. 2024

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Cloud computing (CC) offers on‐demand computing and resources to users, and organizations, and is also used in many human‐centric intelligent systems. Attacks in cloud networks cause huge damage to service providers and users. Distributed Denial of Service (DDoS) is one of them that greatly impacts the cloud network. The unavailability of resources is the major concern pertaining to cloud service and resources. Apart from the direct targets of a DDoS attack, there are also indirect effects on non‐targets within a cloud network. These effects on the non‐target stakeholders of the cloud are called collateral damages. However, this area of research is not explored much by researchers. Thus, the defense methods pertaining to direct and indirect effects need to be explored. This article aims to describe the consequences of DDoS attacks and the solutions available in the cloud network. The novelty of this article lies in shedding light on the indirect impacts of DDoS in cloud networks and possible solution approaches. The article also provides a comparative analysis of the existing defense solution under different categories and available tools and datasets to evaluate the proposed solutions. The article also mentions the solution considerations and effective solution scenarios. The idea behind this article is to impart guidelines to the researchers, for developing efficient defense solutions against direct target and indirect target DDoS attacks. Moreover, the research shortcomings, pros–cons, and existing challenges are outlined, and directions for future research are mentioned.

show abstract

Section: Levelmentioning

confidence: 99%

Section: Defense Mechanism For Indirect Attackmentioning

confidence: 99%

Uncovering collateral damages and advanced defense strategies in cloud environments against DDoS attacks: A comprehensive review

Verma,

Bharot,

Breslin

et al. 2024

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…SDN classifies and separates incoming traffic and blocks them before the attack on the target VM (Virtual Machines). In order to overcome TCP SYN flooding attacks from spoofed IPs, the EDOS-TSM Model (EDOS-TCP SYN mitigation model) comes into effect [7].…”

Section: Literature Reviewmentioning

confidence: 99%

“…A quick way to temporarily resolve this issue is by turning off the ICMP request on the server. But most companies use an auto-scaling technique, which enlarges their resources according to the traffic and the downside of this process is EDOS (Economic denial of sustainability), resulting in clients paying charges for the resources they haven't used [7] Cloud computing provides the services managed by on-premises through cloud technology and they are very much vulnerable to malicious virus attacks DDoS attacks are some of the common attacks faced in the field of cloud technology [8]. DDoS attacks bring forth a huge amount of loss to the attacked company or the service.…”

Section: Figure 21 Algorithms Used In Detection Systemmentioning

confidence: 99%

Towards applying FCM with DBSCAN for Detecting DDoS Attack in Cloud Infrastructure to Improve Data Transmission Rate

Devi

Deepa

Karthikeyan

et al. 2022

ijcci

View full text Add to dashboard Cite

Cloud is a pay-to-use technology which can be used to offer IT resources instead of buying computer hardware. It is time saving and cheaper technology. This paper analyzes the DDoS attack on cloud infrastructure and can be detected by using FCM with DBSCAN hybrid algorithm that classifies the clusters of data packets and detects the outlier in that particular data packet. The experimental outcome shows that the enhanced hybrid approach has better results in detecting the DDoS attack. The DDoS attack targets the main host of the cloud infrastructure by sending unwanted packets. This attack is a major threat to the network security. The FCM with DBSCAN hybrid approach detects outliers and also assigns one specific data point in clusters to detect DDoS attack in cloud infrastructure. By using this hybrid approach the data can be grouped as clusters and the data beyond the noise level can also be detected. This algorithm helps in identifying the data that are vulnerable to DDoS attack. This detection helps in improving the data transmission rate.

show abstract

“…SDN consists of a central controller with global visibility of the network state, and the communication between the controller and the switches is usually handled using the open and standard protocol OpenFlow [ 6 ], which allows the controller to update the flow rules in any switch directly once there is a demand. This simplified network architecture makes network control more flexible and enables SDN to be widely used in cloud data center network [ 7 , 8 ], wireless LANs [ 9 , 10 ], and cloud computing [ 11 , 12 ]. However, the centralized topology of SDN is vulnerable to DDoS attacks.…”

Section: Introductionmentioning

confidence: 99%

SDN-Defend: A Lightweight Online Attack Detection and Mitigation System for DDoS Attacks in SDN

Wang

2022

Sensors

View full text Add to dashboard Cite

With the development of Software Defined Networking (SDN), its security is becoming increasingly important. Since SDN has the characteristics of centralized management and programmable, attackers can easily take advantage of the security vulnerabilities of SDN to carry out distributed denial of service (DDoS) attacks, which will cause the memory of controllers and switches to be occupied, network bandwidth and server resources to be exhausted, affecting the use of normal users. To solve this problem, this paper designs and implements an online attack detection and mitigation SDN defense system. The SDN defense system consists of two modules: anomaly detection module and mitigation module. The anomaly detection model uses a lightweight hybrid deep learning method—Convolutional Neural Network and Extreme Learning Machine (CNN-ELM) for anomaly detection of traffic. The mitigation model uses IP traceback to locate the attacker and effectively filters out abnormal traffic by sending flow rule commands from the controller. Finally, we evaluate the SDN defense system. The experimental results show that the SDN defense system can accurately identify and effectively mitigate DDoS attack flows in real-time.

show abstract

Mitigating TCP SYN flooding based EDOS attack in cloud computing environment using binomial distribution in SDN

Cited by 15 publications

References 36 publications

Uncovering collateral damages and advanced defense strategies in cloud environments against DDoS attacks: A comprehensive review

Uncovering collateral damages and advanced defense strategies in cloud environments against DDoS attacks: A comprehensive review

Towards applying FCM with DBSCAN for Detecting DDoS Attack in Cloud Infrastructure to Improve Data Transmission Rate

SDN-Defend: A Lightweight Online Attack Detection and Mitigation System for DDoS Attacks in SDN

Contact Info

Product

Resources

About