International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org
Volume 4, Issue 11, November 2015 ISSN 2319 - 4847
1
2
1
Assoc.Prof in CSE,KMIT,Narayanguda,Hyderabad
2
Professor , Vice- Chancellor, S.V. University, Tirupati, A.P
A BSTRACT
Cloud Computing is the emerging technology where our present and future are dependent on this technology. At present most of businesses have shifted their computing paradigm to cloud computing. With Cloud Computing advantages are enormous but at the same time it is vulnerable to different kinds of attacks ( insiders and as well as out siders). This papers summarize various techniques to defend DDOS attacks in cloud computing .
Keywords: Cloud Computing, DDOS attacks, Intrusion Detection System
1.
I NTRODUCTION TO CLOUD COMPUTING [1]
Cloud computing is a Distributed computing construct environment that centers with respect to sharing calculations or assets. Really, mists are Internet-based and it tries to camouflage multifaceted nature for customers. Distributed computing alludes to both the applications conveyed as administrations over the Internet and the equipment and programming in the datacenters that give those administrations.
Cloud suppliers use virtualization advances joined with selfservice capacities for figuring assets through system foundation. In cloud situations, a few sorts of virtual machines are facilitated on the same physical server as framework.
In cloud, costumers must only pay for what they use and have not to pay for local resources which they need to such as storage or infrastructure. Nowadays, we have three types of cloud environments: Public, Private, and Hybrid clouds.
A public cloud is standard model which providers make several resources, such as applications and storage, available to the public. Public cloud services may be free or not. In public clouds which they are running applications externally by large service providers and offers some benefits over private clouds. Private Cloud refers to internal services of a business that is not available for ordinary people.
Essentially Private clouds are a marketing term for an architecture that provides hosted services to particular group of people behind a firewall.
Hybrid cloud is an environment that a company provides and controls some resources internally and has some others for public use. Also there is combination of private and public clouds that called Hybrid cloud. In this type, cloud provider has a service that has private cloud part which only accessible by certified staff and protected by firewalls from outside accessing and a public cloud environment which external users can access to it.
There are some issues regarding with Cloud Computing
Availability Management
Security
Monitoring
Configuration management
Counter Measure
2.
INTRODUCTION TO INTRUSION DETECTION SYSTEM [2]
Intrusion Detection Systems help information systems prepare for, and deal with attacks. They accomplish this by collecting information from a variety of systems and network sources, and then analyzing the information for possible security problems .
Intrusion detection provides the following:
1) Monitoring and analysis of user and system activity
2) Auditing of system configurations and vulnerabilities
3) Assessing the integrity of critical system and data files
4) Statistical analysis of activity patterns based on the matching to known attacks
5) Abnormal activity analysis
6) Operating system audit
Volume 4, Issue 11, November 2015 Page 111

International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org
Volume 4, Issue 11, November 2015 ISSN 2319 - 4847
There are three main components to the Intrusion detection system:
 Network Intrusion Detection system (NIDS) – performs an analysis for a passing traffic on the entire subnet.
Works in a promiscuous mode, and matches the traffic that is passed on the subnets to the library of knows attacks.
Once the attack is identified, or abnormal behavior is sensed, the alert can be send to the administrator. Example of the NIDS would be installing it on the subnet where you firewalls are located in order to see if someone is trying to break into your firewall.
 Network Node Intrusion detection system (NNIDS) – performs the analysis of the traffic that is passed from the network to a specific host. The difference between NIDS and NNIDS is that the traffic is monitored on the single host only and not for the entire subnet. The example of the NNIDS would be, installing it on a VPN device, to examine the traffic once it was decrypted. This way you can see if someone is trying to break into your VPN device.
 Host Intrusion Detection System (HIDS) – takes a snap shot of your existing system files and matches it to the previous snap shot. If the critical system files were modified or deleted, the alert is sent to the administrator to investigate. The example of the HIDS can be seen on the mission critical machines, that are not expected .
3.
ATTACKS IN CLOUD
[3]-[8]
Some of the attacks those are possible in cloud environment and their consequences.
1) Dos and DDOS Attacks: This kind of attack will make the cloud users not to access the service.
2) TCP hijacking: This type of attack will be hijacked by the intruder.
3) DNS attacks: This type of access attack will access more privilege than usual one.
4) Eaves dropping attacks: This type of attack modifies or adds a new packet.
5) Deep packet Inspection: In this type of attack malicious intruder will access network for information.
4.
EXISITING WORK TO DEFEND DDOS ATTACKS IN CLOUD ENVIRONMENT
Some of the techniques to defend DDoS attacks are discussed here.
4.1
Integrating Signature based Apriori based Network Intrusion in Cloud Computing[4]
Chirag N.Modi et.al. has presented a approach to reduce the impact of network attack. Attacks can be known attacks or un known attacks. Has used to SNORT to identify known attacks and unknown attacks are identified using frequent
Apriori based algorithm. An attack is considered based on minimum threshold and support. Authors have implemented in Linux environment and it can be implemented centralized or in distributed environment.
4.2
A Profile based Network Intrusion Detection and Prevention system for securing Cloud Environment[3]
Sanchika Gupta etal. Distinguished vulnerabilities in charge of surely understood system construct assaults in light of cloud and does a basic investigation on the efforts to establish safety accessible in cloud environment. This paper actualized securing assaults from insiders and pariahs utilizing system profiling. A profile is made for each virtual machine in cloud that depicts system conduct of every cloud client. In this the aggregate system movement at special area is sifted in light of VM's IP addresses. Interruption identification is performed on the bundles originating from a specific machine in light of its profile. VM profile depicts the assaults that are conceivable on it. After profile creation the information got from that virtual machine is searched for assaults whose marks are available in VM profile information base and match with assault signature database,and if a match happens it sends data to identification and notice segment.
This process has to be implemented completely. It is under process.
4.3 Securing Cloud Network Environment against Intrusion using Sequential algorithm. [5]
Mr R.Kumar proposed a multi-stage appropriated defenselessness recognition estimation, and counter measure choice component which is based on assault diagram based expository models. He proposed a gathering testing methodology sent on back end servers. Attackers are assumed to launch the application service request either at high interval rate or high work load or even both. By periodically monitoring the average response time to service requests and comparing them with the specific threshold values fetched from a legitimate profile each virtual server is associated with a negative or positive outcome by this identifying attacker from a pool of legitimate users. Sequential algorithm has been proposed to block the attackers. It will search sequentially and block the attacker node in transmission path. theoretical analysis has been done and has to implemented on DDOS attacks.
4.4
Attack Graph model : A New approach for DDOS attack detection in Cloud[6]
R.Jeena et.al. focused on providing security to virtual machines in the cloud system. Enhanced intrusion detection is proposed to provide security to cloud nodes by detecting DDOS attack. IDS is placed in the network switch to monitor all activities of nodes in cloud system. An attack graph is generated to find all possible attack paths. The details about the cloud system are stored in the service registry.
4.5 A Cooperative Intrusion Detection Model for Cloud Computing Networks.[7]
Shaaohua Teng et.al. proposed a collaborative intrusion detection architecture and E-CARGO model is used to model this system. Collaborative intrusion detection model consists of five components namely event generators, feature detector, statistical detector, fusion center, and response unit.
Volume 4, Issue 11, November 2015 Page 112

International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org
Volume 4, Issue 11, November 2015 ISSN 2319 - 4847
The event generators collect data from the networks and generate suspicious intrusion events. They submit the suspicious intrusion events to the feature and statistical detection agents. According to the network protocol, these suspicious intrusion events are divided into TCP events, UDP events and ICMP events.
5 CONCLUSION
Cloud computing is the State-of –art-of –technology but at the same time it is prone to vulnerabilities. Many of the authors have identified and tried to implement in practical and this is in process which has to fully implemented and deployed with low cost. Some of the methods which have been implemented are discussed in this paper.
References
[1] Farzad Sabahi, “Cloud Computing Security Threats and Responses” 978-1-61284-486-2/111$26.00 ©2011 IEEE
[2] SANS Institute InfoSec Reading Room .
[3] Sanchika Gupta et al “A Profile based Network Intrusion Detection and Prevention system for securing Cloud
Environment” Copyright © 2013 This is an open access article distributed under the Creative Commons
Attribution License .
[4] Chirag N. Modi “Integrating Signature based Apriori based Network Intrusion in Cloud Computing” 2nd
International Conference on Communication, Computing & Security (ICCCS-2012) Procedia Technology 6 ( 2012
) 905 – 912.
[5] Mr R.Kumar “Securing Cloud Network Environment against Intrusion using Sequential algorithm” International journal of Engineering and General Science Volume 3, Issue 1, January-February,2015.
[6] RJeena et.al. “Attack Graph model : A New approach for DDOS attack detection in Cloud” “ International Journal of Innovative Research in Computer and Communication Engineering Vol.3,Issue 2, February 2015.
[7] Shaohua Teng et.al “A Cooperative Intrusion Detection Model for Cloud Computing Networks” International
Journal of Security and its applications vol.8 N0.3 (2014) ,pp107-118 http://dx.doi.org/10.14257/ijsia.2014.8.3.12
.
[8] www.hindawi.com/journals/ijdsn/2013/364575/tab1
AUTHORS
Ms B.KIRANMAI
working as a Assoc.prof at KMIT ,Narayunguda. She completed M.Tech from
School of IT,JNTUH. Currently Pursuing her Ph.D. from JNTU Hyderabad. Her areas of interest are
Data Mining, Security.
Prof A.Damodaram
took over as a Vice-Chancellor 31 october 2015. Dr Damodaram joined as faculty of Computer Science &Engineering at JNTU,Hyderabad in the year 1989. In 2 ½ decades of dedicated service ,performed distinguished services for the university , as a Professor, Head of the
Department, Vice Principal, Director of UGC- Academic Staff College, Director of School of
Continuing & Distance Education , Director, University Academic Audit Cell, and Director of
Academic Planning. Dr Damodaram has successfully guided 23 Ph.D. and 2 cad
Scholars apart from a myriad of M.Tech projects. He is currently guiding 6 scholars for Ph.D.
Volume 4, Issue 11, November 2015 Page 113