SCEF: A Model for Prevention of DDoS Attacks From the Cloud

• Published in: International journal of cloud applications and computing Vol. 10; no. 3; pp. 67 - 80
• Main Authors: Shidaganti, Ganeshayya Ishwarayya, Inamdar, Amogh Shreedhar, Rai, Sindhuja V, Rajeev, Anagha M
• Format: Journal Article
• Language: English
• Published: Hershey IGI Global 01.07.2020
• Subjects: Analysis; Cloud computing; Denial of service attacks; Internet; Linux; Machine learning; Neural networks; Packet transmission; Prevention; Safety and security measures; Software; Virtual computer systems; Virtual environments
• ISSN: 2156-1834; 2156-1826
• DOI: 10.4018/IJCAC.2020070104

Distributed denial of service (DDoS) attacks are some of the biggest threats to network performance and security today. With the advent of cloud computing, these attacks can be performed remotely on rented virtual machines (VMs), potentially increasing their capabilities and making them harder to trace and mitigate, and negatively affecting the cloud service provider as well. By analyzing packet transmission statistics, attacks can be detected on a virtual machine monitor (VMM) that controls the behavior of the VMs. This article proposes a solution to stop such detected attacks from the source, and analyses solutions proposed for a few different types of such attacks. The authors propose a model called selective cloud egress filter (SCEF) which implements specific modules to deal with detected attacks. If an attack is detected, the SCEF relays information to the VMM about which VMs are participating in the attack, allowing for specific corrective action.