New Age Cyber Threat Mitigation for Cloud Computing Networks by Bhardwaj Akashdeep;

Author:Bhardwaj, Akashdeep;
Language: eng
Format: epub
Publisher: Bentham Science Publishers
Published: 2023-07-06T00:00:00+00:00

3. REVIEW OF DDoS RESEARCH

DDoS attack reasons identified by Vanitha et al. (2017) [6] range from extortion, political issues, revenge, proficiency testing, and even unethical competition between cloud service providers. DDoS affecting pricing models was reviewed for Fraudulent Resource Consumption (FRC) exploits the pay-as-you-go pricing model by Idziorek et al. (2013) [7] and a low rate DDoS attack evading early detection affects the pricing model by Palmieri et al. (2013, 2014) [8] described a new subtle DDoS with focus to attack computing resources exhausting the Cloud center energy which and ultimately increase cloud delivery costs. HTTP and XML DDoS attacks were discussed by Chonka et al. (2012) [9] for SaaS web services application attacks, while Dantas et al. (2014) [10] examined HTTP PRAGMA and HTTP POST attacks.

For Infrastructure level Direct Network layer attacks: For TCP Flood attacks where Transmission Control Protocol (TCP) has a three-way handshake before establishing actual packet exchanges with connection-orientated protocol features. Each SYN message sent by a connecting host is acknowledged with SYN + ACK and the handshaking process completes with ACK, finally establishing a connection between two hosts. Attackers exploited this three-way handshake feature by initiating connections that were half-open, leading to a huge number of transmission block allocations exhausting the kernel memory (Wong and Tan 2014) [1]. Zargar et al. (2013) [6] researched network and transport layer protocols to flood a host using TCP SYN, UDP, and ICMP floods. Exploiting TCP SYN for half-open connection feature leading to the large number of transmission block allocations causing exhaustion of kernel memory was

examined by Wong and Tan (2014) [1]. Amazon Cloud Services being affected by TCP SYN floods were also reported.

For Infrastructure level Direct Application layer attacks: HTTP Flood Attacks on Application layer target cloud services by sending web packet floods at high rates to overwhelm a target web application server using malformed HTTP packets (Choi et al. 2014) [11]. These consume the target cloud web server’s resources preventing legitimate users from accessing the services, also such attacks are challenging to mitigate since these consume very little bandwidth flow and are mostly stealthy. The target server gets inundated with HTTP and SML floods which appear as legitimate GET and POST requests (Wong and Tan, (2014) [1] reported that one-fourth of the global DDoS attacks target the application layer while HTTP GET floods to comprise one-fifth of the global HTTP attacks.

Some authors presented a scalable network-application profiler (SNAP) that guides the engineers to identify and fix performance-related issues. This passively ensures the TCP statistics are collected, logs from socket-call having low overhead for computation and storage across shared computing resources like servers, circuits, or switches and connections to pinpoint the location of the problem like TCP/application conflicts, application-generated micro-bursts, network congestion or sending buffer mismanagement. SNAP combines socket-call logs of data-transfer behaviors with TCP for the application from the network stack that highlights the data delivery. The profiler leverages the topology, network routing, and application deployment in the data center to correlate performance issues for network connections and aims to find the congested resource or problematic software component.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.