DocumentCode
2054011
Title
A packet marking approach to protect cloud environment against DDoS attacks
Author
Anitha, E. ; Malliga, S.
Author_Institution
Comput. Sci. & Eng., Kongu Eng. Coll., Perundurai, India
fYear
2013
fDate
21-22 Feb. 2013
Firstpage
367
Lastpage
370
Abstract
Cloud computing uses internet and remote servers for maintaining data and applications. It offers through internet the dynamic virtualized resources, bandwidth and on-demand software´s to consumers and promises the distribution of many economical benefits among its adapters. It helps the consumers to reduce the usage of hardware, software license and system maintenance. Simple Object Access Protocol (SOAP) is the system that allows the communications interaction between different web services. SOAP messages are constructed using either HyperText Transport Protocol (HTTP) and/or Extensible Mark-up Language (XML). The new form of Distributed Denial of Service (DDoS) attacks that could potentially bring down a cloud web services through the use of HTTP and XML. Cloud computing suffers from major security threat problem by HTTP and XML Denial of Service (DoS) attacks. HX-DoS attack is a combination of HTTP and XML messages that are intentionally sent to flood and destroy the communication channel of the cloud service provider. To address the problem of HX-DoS attacks against cloud web services there is a need to distinguish between the legitimate and illegitimate messages. This can be done by using the rule set based detection, called CLASSIE and modulo marking method is used to avoid the spoofing attack. Reconstruct and Drop method is used to make decision and drop the packets on the victim side. It enables us to improve the reduction of false positive rate and increase the detection and filtering of DDoS attacks.
Keywords
XML; cloud computing; security of data; CLASSIE method; DDoS attack; HTTP; HX-DoS attack; Internet; SOAP protocol; XML; cloud computing; cloud environment protection; cloud service provider; distributed denial-of-service attack; extensible markup language; hypertext transport protocol; modulo marking method; packet marking approach; reconstruct-and-drop method; rule set based detection; simple object access protocol; spoofing attack; Cloud computing; Computer crime; Simple object access protocol; Workstations; XML; Cloud Computing; Cloud Security; Denial Of Service; Traceback;
fLanguage
English
Publisher
ieee
Conference_Titel
Information Communication and Embedded Systems (ICICES), 2013 International Conference on
Conference_Location
Chennai
Print_ISBN
978-1-4673-5786-9
Type
conf
DOI
10.1109/ICICES.2013.6508330
Filename
6508330
Link To Document