Title: FAPA: flooding attack protection architecture in a cloud system
Authors: Kazi Zunnurhain; Susan V. Vrbsky; Ragib Hasan
Department of Computer Science, The University of Alabama, Box 870290, Tuscaloosa, AL 35487-0290, USA
The University of Alabama, Box 870290, Tuscaloosa, AL 35487-0290, USA
University of Alabama at Birmingham, CIA-JFR Facebook Suit, 1300 University Blvd., AL 35294, USA
Abstract: The rate of acceptance of clouds each year is making cloud computing the leading IT computational technology. While cloud computing can be productive and economical, it is still vulnerable to different types of external threats, one of which is a denial of service (DoS) attack. Taking the cloud providers' security services could cause disputes and involvement of hidden costs. Rather than depending on cloud providers, we have proposed a model, called flooding attack protection architecture (FAPA), to detect and filter packets when DoS attacks occur. FAPA can run locally on top of the client's terminal and is independent of the provider's cloud machine. In FAPA, detection of denial of service is accomplished through traffic pattern analysis and it removes flooding by filtering. Both in the cloud and on the cluster, our experimental results demonstrated that FAPA was able to detect and filter packets to successfully remove a DoS attack.
Keywords: distributed DoS; denial of service; DDoS attacks; cloud computing; autonomous systems; behavioural patterns; filtering; bandwidth; throughput; transfer packets; flooding attack protection; cloud security; traffic pattern analysis.
Int. J. of Cloud Computing, 2014 Vol.3, No.4, pp.379 - 401
Available online: 02 Jan 2015