Resolving DRDoS Attack in Cloud Database Service Using Common Source IP and Incremental Replacement Strategy

Autor: Aborisade Dada Olaniyi, Akinwale Adio Taofeek, B. S. Badmus, Sodiya Adesina Simon, Reich Christoph
Rok vydání: 2017
Předmět:
Zdroj: Proceedings of SAI Intelligent Systems Conference (IntelliSys) 2016 ISBN: 9783319569901
DOI: 10.1007/978-3-319-56991-8_52
Popis: The popularity and open nature of cloud services has made them an attractive platform for cyber attacks. The increase in activities of attackers through Distributed Reflection Denial of service (DRDoS) attack is particularly alarming. There have been many reported cases of denial of service attacks on many cloud services in recent times. Most of these attacks capitalize on the open nature of cloud services and the imperfections of existing security measures. In this paper, a scheme called Common Source IP (COMSOUIP) and Incremental Replacement Strategy (IRS) are proposed to mitigate against Distributed Reflection Denial of Service (DRDoS) attack in the cloud database offered as a service. The idea presented was about reducing the surface area of attack by pushing back the attack to the attacker’s network. In COMSOUIP, attack is detected by capturing ip addresses of all machines that communicate by making service call request to the cloud database service to determine machines that have a common ip source with the command and control machine. In IRS scheme, a new set of virtual machines are used to replace the compromised machines in gradual manner. The results of the schemes evaluation show that the schemes would be effective in guarding against Distributed Reflection Denial of Service (DRDoS) attack.
Databáze: OpenAIRE
Externí odkaz: