A protocol-free detection against cloud oriented reflection DoS attacks

被引:0
|
作者
Le Xiao
Wei Wei
Weidong Yang
Yulong Shen
Xianglin Wu
机构
[1] Huazhong University of Science and Technology,School of Automation
[2] Henan University of Technology,College of Information Science and Engineering
[3] Xidian University,School of Computer Science and Technology
来源
Soft Computing | 2017年 / 21卷
关键词
Cloud computing; Reflection DoS; Flash crowds; Flow correlation coefficient; Protocol-free detection; Botnets;
D O I
暂无
中图分类号
学科分类号
摘要
Distributed denial of service (DDoS) attack presents a critical threat to cloud infrastructure, where many manipulated hosts flood the victim cloud with plenty of packets, which will lead to the exhaustion of bandwidth and other system resources. As one type of DDoS attack, in reflection DoS (RDoS) attack, legitimate servers (reflectors) are fooled into sending a large number of packets to the victim cloud. Most of the existed RDoS attack detection mechanisms are protocol-specific, thus low in efficiency. It is inspected that because of being triggered by the same attacking flow, intra-unite correlation exists among the packet rate of attacking flows. Based on the phenomenon, a flow correlation coefficient (FCC)-based protocol-free detection (PFD) algorithm is proposed. The simulation results show that PFD can detect attacking flows efficiently and effectively and is not protocol-specific, thus can be used as effective supplement to existed algorithms.
引用
收藏
页码:3713 / 3721
页数:8
相关论文
共 50 条
  • [1] A protocol-free detection against cloud oriented reflection DoS attacks
    Xiao, Le
    Wei, Wei
    Yang, Weidong
    Shen, Yulong
    Wu, Xianglin
    SOFT COMPUTING, 2017, 21 (13) : 3713 - 3721
  • [2] A Rank Correlation Based Detection against Distributed Reflection DoS Attacks
    Wei, Wei
    Chen, Feng
    Xia, Yingjie
    Jin, Guang
    IEEE COMMUNICATIONS LETTERS, 2013, 17 (01) : 173 - 175
  • [3] An active security protocol against DoS attacks
    Cotroneo, D
    Peluso, L
    Romano, SP
    Ventre, G
    ISCC 2002: SEVENTH INTERNATIONAL SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS, PROCEEDINGS, 2002, : 496 - 501
  • [4] ForCES protocol design analysis for protection against DoS attacks
    Lakkavalli, S
    Khosravi, H
    ICCCN 2004: 13TH INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATIONS AND NETWORKS, PROCEEDINGS, 2004, : 550 - 550
  • [5] Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks
    Chonka, Ashley
    Xiang, Yang
    Zhou, Wanlei
    Bonti, Alessio
    JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2011, 34 (04) : 1097 - 1107
  • [6] A cloud-based secure authentication (CSA) protocol suite for defense against Denial of Service (DoS) attacks
    Darwish, Marwan
    Ouda, Abdelkader
    Capretz, Luiz Fernando
    JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2015, 20 (90-98) : 90 - 98
  • [7] Detection of DoS attacks exploiting SUBSCRIBE messages of the MQTT protocol
    Dikii, Dmitrii
    Tikhomirov, Aleksey
    International Journal of Computers and Applications, 2022, 44 (06) : 579 - 585
  • [8] Analysis and Detection of DoS Attacks in Cloud Computing by Using QSE Algorithm
    Reddy, Pallavali Radha Krishna
    Bouzefrane, Samia
    2014 IEEE INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS, 2014 IEEE 6TH INTL SYMP ON CYBERSPACE SAFETY AND SECURITY, 2014 IEEE 11TH INTL CONF ON EMBEDDED SOFTWARE AND SYST (HPCC,CSS,ICESS), 2014, : 1089 - 1096
  • [9] Detection and Prevention of DoS attacks in Software-Defined Cloud Networks
    Rengaraju, Perumalraja
    Ramanan, Raja, V
    Lung, Chung-Horng
    2017 IEEE CONFERENCE ON DEPENDABLE AND SECURE COMPUTING, 2017, : 217 - 223
  • [10] A detection and recovery architecture against DoS and worm attacks in NGMN
    Hashim, Fazirulhisyam
    Kibria, M. Rubaiyat
    Jamalipour, Abbas
    2008 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, PROCEEDINGS, VOLS 1-13, 2008, : 1675 - 1679
12345