International Journal of Advanced Computer Research (IJACR) ISSN (P): 2249-7277 ISSN (O): 2277-7970 Vol - 6, Issue - 27, November 2016
  1. 1
    Google Scholar
  2. 4
    Impact Factor
The conjectural framework for detecting DDoS attack using enhanced entropy based threshold technique (EEB-TT) in cloud environment

A. Manimaran and M. Durairaj

Abstract

A major threat to cloud infrastructure network is distributed denial of service (DDoS) attacks. It makes the resources unavailable for its anticipated users, which can be accomplished through malicious virtual machines (VMs) ina hypervisor layer of cloud data center. Less protection in VMs leads to DDoS attacks on cloud environment. Traditional approaches used data flow based method, but that is not efficient for attack detection in distributed cloud environment. In a cloud environment, malicious tenants use the cloud resources to initiate DDoS attacks at cloud data center level. This paper proposes a theoretical framework of entropy information theory based attack detection method, which is based on finding probability distribution of malicious VMs attributes to effectively address this issue.

Keyword

DDoS attack, Resource availability, Cloud computing, Data center, Entropy information theory.

Cite this article

Refference

[1][1]Durairaj M, Manimaran A. A study on securing cloud environment from DDoS attack to preserve data availability. The International Journal of Science and Technoledge.2015; 3(2):63-72.

[2][2]Mustafa S, Nazir B, Hayat A, Madani SA. Resource management in cloud computing: Taxonomy, prospects, and challenges. Computers & Electrical Engineering. 2015; 47: 186-203.

[3][3]Girma A, Garuba M, Li J, Liu C. Analysis of DDoS attacks and an introduction of a hybrid statistical model to detect DDoS attacks on cloud computing environment. In 12th international conference on information technology-new generations (ITNG) 2015 (pp. 212-7). IEEE.

[4][4]Durairaj M, Manimaran A. An extemporized confidence based filtering technique to mitigate DDoS attack in cloud environment. International Journal of Control Theory and Applications. 2015; 8(5):2405-13.

[5][5]Durairaj M, Manimaran A. Theoretical framework of TCP SYN flood DDoS attack detection mechanism using spoofed IP in cloud environment. International Journal of Emerging Technologies in Computational and Applied Sciences. 2015; 13(1): 42-8.

[6][6]Durairaj M, Kannan P. A study on virtualization techniques and challenges in cloud computing. International Journal of Scientific &Technology Research. 2014; 3(11):147-51.

[7][7]Liu T, Wang Z, Wang H, Lu K. An entropy-based method for attack detection in large scale network. International Journal of Computers Communications & Control. 2012; 7(3):509-17.

[8][8]Somani G, Gaur MS, Sanghi D, Conti M, Buyya R. DDoS attacks in cloud computing: issues, taxonomy, and future Directions. ACM Computing Surveys. 2015; 1(1): 1-44.

[9][9]Chen CL, Chen HC. A rule-based detection mechanism against distributed denial of service attacks. In the third international conference on digital enterprise and information systems (DEIS2015) 2015 (pp. 38-45).

[10][10]Gupta S, Kumar P. VM profile based optimized network attack pattern detection scheme for DDoS attacks in cloud. In international symposium on security in computing and communication 2013 (pp. 255-61). Springer Berlin Heidelberg.

[11][11]Singh B, Panda DS, Samra DG. Threshold based approach to detect DDoS attacks in cloud. International Journal of Innovative Research in Information Security. 2014; 3(2):22-8.

[12][12]Shin S, Lee S, Kim H, Kim S. Advanced probabilistic approach for network intrusion forecasting and detection. Expert Systems with Applications.2013; 40(1):315-22.

[13][13]Ahmed ES, Elatif RE. Network Denial of service threat security on cloud computing a survey. International Journal of Scientific Research in Science, Engineering and Technology. 2015; 1(5):341-50.

[14][14]Prasad KM, Reddy AR, Rao KV. An efficient detection of flooding attacks to Internet threat monitors (ITM) using entropy variations under low traffic. In computing communication & networking technologies (ICCCNT), 2012 third international conference on 2012 (pp. 1-11). IEEE.

[15][15]Jun JH, Ahn CW, Kim SH. DDoS attack detection by using packet sampling and flow features. In proceedings of the 29th annual ACM symposium on applied computing 2014 (pp. 711-2). ACM.

[16][16]Jeyanthi N, Iyengar NC. An entropy based approach to detect and distinguish DDoS attacks from flash crowds in VoIP networks. International Journal of Network Security. 2012; 14(5):257-69.