Short Paper: IP spoofing detection for preventing DDoS attack in Cloud Computing

Author

Osanaiye, Opeyemi A.

Author_Institution

Dept. of Electr. Eng., Univ. of Cape Town, Cape Town, South Africa

fYear

2015

fDate

17-19 Feb. 2015

Firstpage

139

Lastpage

141

Abstract

Distributed Denial of Service (DDoS) attack has been identified as the biggest security threat to service availability in Cloud Computing. It prevents legitimate Cloud Users from accessing pool of resources provided by Cloud Providers by flooding and consuming network bandwidth to exhaust servers and computing resources. A major attribute of a DDoS attack is spoofing of IP address that hides the identity of the attacker. This paper discusses different methods for detecting spoofed IP packet in Cloud Computing and proposes Host-Based Operating System (OS) fingerprinting that uses both passive and active method to match the Operating System of incoming packet from its database. Additionally, how the proposed technique can be implemented was demonstrated in Cloud Computing environment.

Keywords

IP networks; cloud computing; computer network security; operating systems (computers); resource allocation; DDoS attack prevention; IP spoofing detection; active method; cloud computing; cloud providers; cloud users; computing resources; distributed denial of service attack; host-based OS fingerprinting; host-based operating system fingerprinting; network bandwidth flooding; passive method; security threat; service availability; spoofed IP packet detection; Cloud computing; Computer crime; Databases; Fingerprint recognition; IP networks; Probes; Cloud Computing; DDoS attack; IP Spoofing; OS Fingerprinting;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligence in Next Generation Networks (ICIN), 2015 18th International Conference on

Conference_Location

Paris

Type

conf

DOI

10.1109/ICIN.2015.7073820

Filename

7073820