Detecting and mitigating HX-DoS attacks against cloud web services

Chonka, Ashley and Abawajy, Jemal 2012, Detecting and mitigating HX-DoS attacks against cloud web services, in NBIS 2012 : Proceedings of the 2012 International Conference on Network-Based Information Systems, IEEE Computer Society, Los Alamitos, Calif., pp. 429-434.

Attached Files
Name Description MIMEType Size Downloads

Title Detecting and mitigating HX-DoS attacks against cloud web services
Author(s) Chonka, Ashley
Abawajy, Jemal
Conference name IEEE International Conference on Networked-Based Information Systems (15th : 2012 : Melbourne, Victoria)
Conference location Melbourne, Victoria
Conference dates 26-28 Sep. 2012
Title of proceedings NBIS 2012 : Proceedings of the 2012 International Conference on Network-Based Information Systems
Editor(s) Barolli, Leonard
Tamiar, David
Enokido, Tomoya
Rahayu, Wenny
Takizawa, Makoto
Publication date 2012
Conference series IEEE International Conference on Networked-Based Information Systems
Start page 429
End page 434
Total pages 6
Publisher IEEE Computer Society
Place of publication Los Alamitos, Calif.
Keyword(s) Cyber-Physical Systems
Cloud Security
HX-Denial of Service Attacks
Summary Cyber-Physical Systems allow for the interaction of the cyber world and physical worlds using as a central service called Cloud Web Services. Cloud Web Services can sit well within three models of Cyber- Physical Systems, Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a- Service (IaaS). With any Cyber-Physical system use Cloud Web Services it inherits a security problem, the HX-DoS attack. HX-DoS attack is a combination of HTTP and XML messages that are intentionally sent to flood and destroy the communication channel of the cloud service provider. The relevance of this research is that TCP/IP flood attacks are a common problem and a lot of research to mitigate them has previously been discussed. But HTTP denial of service and XML denial of service problem has only been addressed in a few papers. In this paper, we get closer to closing this gap on this problem with our new defence system called Pre- Decision, Advance Decision, Learning System (ENDER). In our previous experiments using our Cloud Protector, we were successful at detecting and mitigate 91% with a 9% false positive of HX-DoS attack traffic. In this paper, ENDER was able to improve upon this result by being trained and tested on the same data, but with a greater result of 99% detection and 1% false positive.
Language eng
Field of Research 080501 Distributed and Grid Systems
Socio Economic Objective 890301 Electronic Information Storage and Retrieval Services
HERDC Research category E1 Full written paper - refereed
HERDC collection year 2012
Copyright notice ©2012, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30049231

Document type: Conference Paper
Collection: School of Information Technology
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Access Statistics: 70 Abstract Views, 3 File Downloads  -  Detailed Statistics
Created: Thu, 01 Nov 2012, 13:12:29 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.