Cloud security is one of the most important issues and has
attracted a lot of research and development effort in the past
few years. In particular, attackers can explore vulnerabilities of a
cloud system and compromise virtual machines to launch further
large-scale Distributed Denial-of-Service (DDoS) attacks. DDoS
attacks usually involve early-stage actions such as multi-step
exploitation, low-frequency vulnerability scanning, and
compromising identified vulnerable virtual machines as
zombies, followed finally by DDoS attacks through the compromised
zombies. Within the cloud system, especially in
Infrastructure-as-a-Service (IaaS) clouds, the detection of zombie
exploration attacks is extremely difficult, because cloud users may
install vulnerable applications on their virtual machines. To
prevent vulnerable virtual machines from being compromised in
the cloud, we propose a multi-phase distributed vulnerability
detection, measurement, and countermeasure selection
mechanism called TDCCN, which is built on attack-graph-based
analytical models and reconfigurable virtual-network-based
countermeasures. The proposed framework leverages OpenFlow
network programming APIs to build a monitor and control
plane over distributed programmable virtual switches in order to
significantly improve attack detection and mitigate attack
consequences. The system and security evaluations demonstrate
the efficiency and effectiveness of the proposed solution.
Published In : IJCAT Journal Volume 1, Issue 4
Date of Publication : 31 May 2014
Pages : 73 - 76
Figures : 01
Tables : --
Publication Link : Track Detection and Countermeasure in Cloud Networks (TDCCN)
Navya Y.U : Channabasaveshwara Institute of Technology (CIT), Gubbi, Karnataka, India
E G Satish : Nitte Meenakshi Institute of Technology (NMIT), Bangalore, Karnataka, India
Thara D.K : Channabasaveshwara Institute of Technology (CIT), Gubbi, Karnataka, India