The impact and mitigation of ICMP based economic denial of sustainability attack in cloud computing environment using software defined network

High availability in network services is a crucial requirement for quality of experience. Denial of Service (DoS) and Distribute Denial of Service (DDoS) attacks are under contemplation by many researchers across the globe because these attacks directly target services availability. For this reason,...

Full description

Saved in:
Bibliographic Details
Published inComputer networks (Amsterdam, Netherlands : 1999) Vol. 187; p. 107825
Main Authors Ali Shah, Sayed Qaiser, Zeeshan Khan, Farrukh, Ahmad, Muneer
Format Journal Article
LanguageEnglish
Published Elsevier B.V 14.03.2021
Subjects
Auto-scaling
Cloud computing environment
DoS/DDoS
EDOS
ICMP detection and mitigation model (EDOS-IDM)
ICMP flooding attack
Software defined network (SDN)
ICMP flooding attack
EDOS
Software defined network (SDN)
Cloud computing environment
Auto-scaling
DoS/DDoS
ICMP detection and mitigation model (EDOS-IDM)
Online AccessGet full text

Cover

More Information
Summary:High availability in network services is a crucial requirement for quality of experience. Denial of Service (DoS) and Distribute Denial of Service (DDoS) attacks are under contemplation by many researchers across the globe because these attacks directly target services availability. For this reason, cloud providers use the auto-scaling feature in Cloud Computing Environments (CCE), in which cloud resources scale dynamically on demand. DoS/DDoS attacks on CCE, using auto-scaling, do not deny services but cause high resource usage and substantial financial damages that become an Economic Denial of Sustainability (EDOS) attack. One of the DoS/DDoS attacks, resulting EDOS attack is the Internet Control Messaging Protocol (ICMP) flooding attack. In this paper, a novel technique, ICMP detection and mitigation model (EDOS-IDM) is proposed that can detect and mitigate Volumetric and Normal Behavioral ICMP traffic attacks. The results from the proposed technique are compared with the Normal Behavioral ICMP traffic attack because it causes least resource usage among all the mitigation techniques. According to our study, there is no such technique that can handle normal behavioral ICMP traffic attack. The technique is practically tested and evaluated on OpenStack production Cloud Environment test bed. According to the results, the technique is proved to save extra resource consumption and customer's bills in a cloud computing environment.
ISSN:1389-1286
1872-7069
DOI:10.1016/j.comnet.2021.107825