Defending the Virtual Infrastructure of Cloud Computing from Denial of Service Attack

Aderaw, Semma (2014) Defending the Virtual Infrastructure of Cloud Computing from Denial of Service Attack. Masters thesis, Addis Ababa University.

[img] PDF (Defending the Virtual Infrastructure of Cloud Computing from Denial of Service Attack)
Aderaw, Semma.pdf - Accepted Version
Restricted to Repository staff only

Download (2MB) | Request a copy


Cloud Computing is a new computing model and its security aspects require special considerations. Now a day’s Denial of Service (DoS) attacks are harmful elements of computer networks and it is one of the most harmful security aspects to attack the cloud environment. The rapid advances in processor, memory, and Internet technology have enabled the development of cloud based networks. All these resources are available for attackers like any user, and they have their own motivations to apply DoS attacks effectively by exhausting the resources of the cloud and inhibit the normal relation between the cloud services providers and the cloud legitimate users. This problem requires developing a novel mitigation mechanism that maintains the normal interaction within the cloud world. Many defending mechanisms of this attack have been proposed to mitigate the impact of the attacks. This thesis work is done to mitigate DoS attacks on the cloud computing environment through a packet analysis approach in the mitigation process. To complete our work, we propose a DoS attack mitigation architectural framework on cloud computing infrastructure to mitigate DoS attacks. In addition, we consider four basic components in our architectural framework that work in coordinated manner to implement the mitigation process. The components of our architectural framework are Data Management Unit, Bandwidth Analyzer, Packet Analyzer, and Timestamp Unit. To show our results, we used simulation based testing on the DoS attack mitigation using the OPNET simulation tool. In order to demonstrate the mitigation process our simulation uses three scenarios baseline, DoS attack and mitigation. In our investigation, we assess the effectiveness of our mitigation process for SYN flooding attack on the cloud infrastructure. So, our evaluation on the simulation demonstrates that the comparison result on the baseline, DoS attack and mitigation scenarios helps to observe the Traffic Sent, Response Time, Processing Delay, and Network Traffic Load on the cloud among the three scenarios. From the output of the simulation results we conclude the DoS attack impact is higher due to the bogus traffic but the mitigation graph is above than the baseline graph because it sends packets in filtered and optimized form during the mitigation process.

Item Type: Thesis (Masters)
Uncontrolled Keywords: Security, Denial of Service Attack, Distributed Denial of Service Attack, IaaS, Service Availability on Cloud Computing
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Q Science > QA Mathematics > QA76 Computer software
Divisions: Africana
Depositing User: Selom Ghislain
Date Deposited: 25 Jun 2018 11:56
Last Modified: 25 Jun 2018 11:56

Actions (login required)

View Item View Item