Authors: Kazi Zunnurhain; Susan V. Vrbsky; Ragib Hasan
Addresses: Department of Computer Science, The University of Alabama, Box 870290, Tuscaloosa, AL 35487-0290, USA ' The University of Alabama, Box 870290, Tuscaloosa, AL 35487-0290, USA ' University of Alabama at Birmingham, CIA-JFR Facebook Suit, 1300 University Blvd., AL 35294, USA
Abstract: The rate of acceptance of clouds each year is making cloud computing the leading IT computational technology. While cloud computing can be productive and economical, it is still vulnerable to different types of external threats, one of which is a denial of service (DoS) attack. Taking the cloud providers' security services could cause disputes and involvement of hidden costs. Rather than depending on cloud providers, we have proposed a model, called flooding attack protection architecture (FAPA), to detect and filter packets when DoS attacks occur. FAPA can run locally on top of the client's terminal and is independent of the provider's cloud machine. In FAPA, detection of denial of service is accomplished through traffic pattern analysis and it removes flooding by filtering. Both in the cloud and on the cluster, our experimental results demonstrated that FAPA was able to detect and filter packets to successfully remove a DoS attack.
Keywords: distributed DoS; denial of service; DDoS attacks; cloud computing; autonomous systems; behavioural patterns; filtering; bandwidth; throughput; transfer packets; flooding attack protection; cloud security; traffic pattern analysis.
International Journal of Cloud Computing, 2014 Vol.3 No.4, pp.379 - 401
Received: 23 Jul 2013
Accepted: 17 Oct 2013
Published online: 14 Jan 2015 *