Track Detection and Countermeasure in Cloud Networks (TDCCN)  
  Authors : Navya Y.U; E G Satish; Thara D.K

 

Cloud security is one of the most important issues that has attracted a lot of research and development effort in the past few years. In particular, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale Distributed Denial-of-Service (DDoS) attacks. DDoS attacks usually involve early-stage actions such as multi-step exploitation, low-frequency vulnerability scanning, and compromising identified vulnerable virtual machines as zombies, followed finally by DDoS attacks through the compromised zombies. Within the cloud system, especially in Infrastructure-as-a-Service (IaaS) clouds, the detection of zombie exploration attacks is extremely difficult, because cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, we propose a multi-phase distributed vulnerability detection, measurement, and countermeasure selection mechanism called TDCCN, which is built on attack-graph-based analytical models and reconfigurable virtual-network-based countermeasures. The proposed framework leverages OpenFlow network programming APIs to build a monitor and control plane over distributed programmable virtual switches in order to significantly improve attack detection and mitigate attack consequences. The system and security evaluations demonstrate the efficiency and effectiveness of the proposed solution.

 

Published In : IJCAT Journal Volume 1, Issue 4

Date of Publication : 31 May 2014

Pages : 73 - 76

Figures : 01

Tables : --

Publication Link : Track Detection and Countermeasure in Cloud Networks (TDCCN)

 

 

 

Navya Y.U : Channabasaveshwara Institute of Technology(CIT), Gubbi, Karnataka, India

E G Satish : Nitte Meenakshi Institute of Technology(NMIT), Bangalore, Karnataka, India

Thara D.K : Channabasaveshwara Institute of Technology(CIT), Gubbi, Karnataka, India

 

 

 

 

 

 

 

Distributed Denial-of-Service (DDoS)

Infrastructure-as-a-Service (IaaS) clouds

network programming APIs

In this paper, we presented TDCCN, which is proposed to detect and mitigate collaborative attacks in the cloud virtual networking environment. TDCCN utilizes the attack graph model to conduct attack detection and prediction. The proposed solution investigates how to use the programmability of software-switch-based solutions to improve detection accuracy and defeat the victim exploitation phases of collaborative attacks. The system performance evaluation demonstrates the feasibility of TDCCN and shows that the proposed solution can significantly reduce the risk of the cloud system being exploited and abused by internal and external attackers. TDCCN only investigates the network IDS approach to counter zombie explorative attacks. To improve detection accuracy, host-based IDS solutions need to be incorporated so that the whole spectrum of IDS in the cloud system is covered. This should be investigated in future work. Additionally, as indicated in the paper, we will investigate the scalability of the proposed TDCCN solution by investigating a decentralized network control and attack analysis model based on the current study.

 

 

 

 

 

 

 

 

 
