USP Electronic Research Repository

Detecting denial of service attacks in the cloud

Kumar, Raneel and Lal, Sunil P. and Sharma, Alokanand (2016) Detecting denial of service attacks in the cloud. [Conference Proceedings]

[img] PDF - Accepted Version
Restricted to Registered users only

Download (583Kb)


    In this paper, an approach to protecting virtual machines (VMs) against denial of service (DoS) attacks in a cloud environment is proposed. An open source cloud computing platform (Eucalyptus) has been deployed, and experimentation was carried out on this setup. We investigate attacks emanating from one or more virtual machines (VMs) to another VM in a multi-tenancy cloud environment. Various types of DoS attacks are mounted on a webserver VM. To detect such attacks from a cloud provider’s perspective, an intrusion detection system (IDS) is needed. In this research we propose and implement an IDS which incorporates a packet sniffer, feature extractor and a classifier as part of its design. We have experimented with the one-class support vector machines (SVM) algorithm for classification of the attacks. The dataset containing time-based traffic flow features is passed through the classifier to detect the attack traffic from legitimate traffic. The proposed IDS design shows promising results in being able to detect the ICMP Flood, Ping-of-Death, UDP Flood, TCP SYN Flood, TCP LAND and DNS Flood attacks with high classification accuracies.

    Item Type: Conference Proceedings
    Subjects: Q Science > Q Science (General)
    Divisions: Faculty of Science, Technology and Environment (FSTE) > School of Computing, Information and Mathematical Sciences
    Faculty of Science, Technology and Environment (FSTE) > School of Engineering and Physics
    Depositing User: Fulori Nainoca
    Date Deposited: 13 Mar 2017 15:52
    Last Modified: 14 Mar 2017 10:07

    Actions (login required)

    View Item

    Document Downloads

    More statistics for this item...