Deakin University
Browse

File(s) under permanent embargo

Controlled Virtual Resource Access to Mitigate Economic Denial of Sustainability (EDoS) Attacks Against Cloud Infrastructures

conference contribution
posted on 2013-01-01, 00:00 authored by Zubair BaigZubair Baig, Farid Binbeshr
Service providers of the cloud have witnessed a rapidly growing demand to provide services to end-users in a timely manner. Security vulnerabilities against the cloud infrastructure cannot be overlooked. Through exploitation of such weaknesses, the adversary class may disrupt routine cloud operations, and have a debilitating effect on the reputation of the service provider. One attack type specifically affecting cloud services is the Economic Denial of Sustainability (EDoS) attack. Through such a malicious attack, the ability of the service provider to dynamically stretch and accommodate increasing numbers of requests from end-users, is exploited, to make it economically unviable for the service provider to sustain further demand for service from legitimate end-users. In this paper, we propose a novel approach for selectively controlling user requests for service, implemented at the service provider's end. Through this scheme, we reduce i.e mitigate the effects of an imminent EDoS attack against critical cloud resources. Incoming requests are classified into normal or suspicious. Subsequently, further analysis is conducted to ensure that priority to cloud service access is given to those end-users tagged as being legitimate, whereas, suspect users are given lesser priority to service access, until they are eventually removed from the suspect list. Simulations were conducted to study the performance of the scheme, with results showing promise.

History

Pagination

346-353

Location

Fuzhou, China

Start date

2013-12-16

End date

2013-12-18

ISBN-13

9781479928309

Language

eng

Publication classification

E1.1 Full written paper - refereed

Title of proceedings

CLOUDCOM-ASIA 2013 : International Conference on Cloud Computing and Big Data : CLOUDCOM-ASIA 2013 : proceedings : 16-18 December 2013, Fuzhou, Fujian, China

Event

Cloud Computing and Big Data. Conference (2013 : Fuzhou, China)

Publisher

IEEE

Place of publication

Piscataway, N.J.

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC