Distributed Denial of Service Attacks on Cloud Computing Environment
A Comprehensive Review
Abstract
This paper aimed to identify the various kinds of distributed denial of service attacks (DDoS) attacks, their destructive capabilities, and most of all, how best these issues could be counter attacked and resolved for the benefit of all stakeholders along the cloud continuum, preferably as permanent solutions. A compilation of the various types of DDoS is done, their strike capabilities and most of all, how best cloud computing environment issues could be addressed and resolved for the benefit of all stakeholders along the cloud continuum. The key challenges against effective DDoS defense mechanism are also explored.
Downloads
References
Kobusińska, C. Leung, C. H. Hsu, S. Raghavendra and V. Chang. Emerging trends, issues and challenges in internet of things, big data and cloud computing. Future Generation Computer Systems, vol. 87, pp. 416-419, 2018.
A. I. Tahirkheli, M. Shiraz, B. Hayat, M. Idrees, A. Sajid, R. Ullah, N. Ayub and K. I. Kim. A survey on modern cloud computing security over smart city networks: Threats, vulnerabilities, consequences, countermeasures, and challenges. Electronics, vol. 10, p. 1811, 2021.
H. Tabrizchi and M. K. Rafsanjani. A survey on security challenges in cloud computing: Issues, threats, and solutions. The Journal of suPERCOMPUTIng, vol. 76, pp. 9493-9532, 2020.
Q. Han, W. Yu, Y. Zhang and Z. Zhao. Modeling and evaluating of typical advanced peer-to-peer botnet. Performance Evaluation, vol. 72, pp. 1-15, 2014.
L. Feng, H. Wang, Q. Han, Q. Zhao and L. Song. Modeling peerto-peer botnet on scale-free network. In Abstract and Applied Analysis, vol. 2014, p. 212478, 2014.
P. Kumar and R. Kumar. Issues and challenges of load balancing techniques in cloud computing: A survey. ACM Computing =Surveys, vol. 51, pp. 1-35, 2019.
S. N. Mthunzi, E. Benkhelifa, T. Bosakowski, C. G. Guegan andM. Barhamgi. Cloud computing security taxonomy: From an atomistic to a holistic view. Future Generation Computer Systems, vol. 107, pp. 620-644, 2020.
K. Akherfi, M. Gerndt and H. Harroud. Mobile cloud computing for computation offloading: Issues and challenges. Applied Computing and Informatics, vol. 14, pp. 1-16, 2018.
Y. Al-Dhuraibi, F. Paraiso, N. Djarallah and P. Merle. Elasticity in cloud computing: State of the art and research challenges. IEEE Transactions on Services Computing, vol. 11, pp. 430-447, 2017.
F. Shahzad. State-of-the-art survey on cloud computing security challenges, approaches and solutions. Procedia Computer Science, vol. 37, pp. 357-362, 2014.
J. Kaur Chahal, A. Bhandari and S. Behal. Distributed denial of service attacks: A threat or challenge. New Review of Information Networking, vol. 24, pp. 31-103, 2019.
C. Rossow, D. Andriesse, T. Werner, B. Stone-Gross, D. Plohmann, C. J. Dietrich and Bos, H. Sok: P2pwned-modeling and evaluating the resilience of peer-to-peer botnets. In: 2013 IEEE Symposium on Security and Privacy, pp. 97-111, 2013.
Y. S. Almashhadani and G. A. Qasmarrogy. Ad hoc on-demand distance vector inherent techniques comparison for detecting and eliminating the black hole attack nodes in mobile ad hoc network. Cihan University-Erbil Scientific Journal, vol. 4, pp. 77-81, 2020.
Y. Gao, Y. Ma and D. Li. Anomaly detection of malicious users’ behaviors for web applications based on web logs. In: 2017 IEEE 17th International Conference on Communication Technology (ICCT), pp. 1352-1355, 2017.
P. Narang, S. Ray, C. Hota and V. Venkatakrishnan. Peershark: Detecting peer-to-peer botnets by tracking conversations. In: 2014 IEEE Security and Privacy Workshops, pp. 108-115, 2014.
V. Hamon. Android botnets for multi-targeted attacks. Journal of Computer Virology and Hacking Techniques, vol. 11, pp. 193-202, 2015.
D. Zhuang and J. M. Chang. Enhanced peerhunter: Detecting peer-to-peer botnets through network-flow level community behavior analysis. IEEE Transactions on Information Forensics and Security, vol. 14, pp. 1485-1500, 2018.
Q. Yan, Y. Zheng, T. Jiang, W. Lou and Y. T. Hou. Peerclean: Unveiling peer-to-peer botnets through dynamic group behavior analysis. In: 2015 IEEE Conference on Computer Communications (INFOCOM), pp. 316-324, 2015.
Q. Shafi and A. Basit. DDoS botnet prevention using blockchain in software defined internet of things. In: 2019 16th International Bhurban Conference on Applied Sciences and Technology (IBCAST), pp. 624-628, 2019.
I. T. Aziz, H. Jin, I. H. Abdulqadder, Z. A. Hussien, Z. A. Abduljabbar and F. M. Flaih. A lightweight scheme to authenticate and secure the communication in smart grids. Applied Sciences, vol. 8, p. 1508, 2018.
Team Cymru. Team Cymru Services. United States: Team Cymru, 2018.
A. Karim, S. A. A. Shah and R. Salleh. Mobile botnet attacks: A thematic taxonomy. In: New Perspectives in Information Systems and Technologies. Vol. 2. Berlin, Germany: Springer, pp. 153-164, 2014.
A. Houmansadr and N. Borisov. BotMosaic: Collaborative network watermark for the detection of IRC-based botnets. Journal of Systems and Software, vol. 86, pp. 707-715, 2013.
I. T. Aziz, H. Jin, I. H. Abdulqadder, S. M. Alturfi, W. H. Alobaidi and F. M. Flaih. T2S2G: A novel two-tier secure smart grid architecture to protect network measurements. Energies, vol. 12, p. 2555, 2019.
S. Hosseini, A. E. Nezhad and H. Seilani. Botnet detection using negative selection algorithm, convolution neural network and classification methods. Evolving Systems, vol. 13, pp. 1-15, 2021.
J. M. Cruz, J. P. Dias and J. P. Pinto. A hands-on approach on botnets for behavior exploration. In: Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security, 2017.
M. Aresu, D. Ariu, M. Ahmadi, D. Maiorca and G. Giacinto. Clustering android malware families by http traffic. In: 2015 10th International Conference on Malicious and Unwanted Software (MALWARE), pp. 128-135, 2015.
P. Wainwright and H. Kettani. An analysis of botnet models. In: Proceedings of the 2019 3rd International Conference on Compute and Data Analysis, pp. 116-121, 2019.
A. Zarras, A. Papadogiannakis, R. Gawlik and T. Holz. Automated generation of models for fast and precise detection of HTTPbased malware. In: 2014 Twelfth Annual International Conference on Privacy, Security and Trust, pp. 249-256, 2014.
F. Haddadi, J. Morgan, E. Gomes Filho and A. N. Zincir-Heywood. Botnet behaviour analysis using ip flows: With http filters using classifiers. In: 2014 28th International Conference on Advanced Information Networking and Applications Workshops, pp. 7-12, 2014.
A. Welzel, C. Rossow and H. Bos. On measuring the impact of DDoS botnets. In: Proceedings of the Seventh European Workshop on System Security, pp. 1-6, 2014.
P. Amini, R. Azmi and M. A. Araghizadeh. Analysis of network traffic flows for centralized botnet detection. Journal of Telecommunication, Electronic and Computer Engineering (JTEC), vol. 11, pp. 7-17, 2019.
A. K. Sood, S. Zeadally and R. J. Enbody. An empirical study of HTTP-based financial botnets. IEEE Transactions on Dependable and Secure Computing, vol. 13, pp. 236-251, 2014.
K. Neupane, R. Haddad and L. Chen. Next generation firewall for network security: A survey. in SoutheastCon 2018, pp. 1-6, 2018.
L. Böck, S. Karuppayah, K. Fong, M. Mühlhäuser and E. Vasilomanolakis. Poster: Challenges of accurately measuring churn in P2P botnets. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 2661-2663, 2019.
Eslahi, M. Rohmad, H. Nilsaz, M. V. Naseri, N. Tahir and H. Hashim. Periodicity classification of HTTP traffic to detect HTTP Botnets. In: 2015 IEEE Symposium on Computer Applications and Industrial Electronics (ISCAIE), pp. 119-123, 2015.
Copyright (c) 2022 Israa T. Aziz, Ihsan H. Abdulqadder, Thakwan A. Jawad
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License [CC BY-NC-ND 4.0] that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).