CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

Vulnerability Bandwidth Depletion Attack on Distributed Cloud Computing Network: A QoS Perspective

by K.C. Okafor, Joy Anulika Okoye, Gordon Ononiwu
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 138 - Number 7
Year of Publication: 2016
Authors: K.C. Okafor, Joy Anulika Okoye, Gordon Ononiwu
10.5120/ijca2016908930

K.C. Okafor, Joy Anulika Okoye, Gordon Ononiwu . Vulnerability Bandwidth Depletion Attack on Distributed Cloud Computing Network: A QoS Perspective. International Journal of Computer Applications. 138, 7 ( March 2016), 18-30. DOI=10.5120/ijca2016908930

@article{ 10.5120/ijca2016908930,
author = { K.C. Okafor, Joy Anulika Okoye, Gordon Ononiwu },
title = { Vulnerability Bandwidth Depletion Attack on Distributed Cloud Computing Network: A QoS Perspective },
journal = { International Journal of Computer Applications },
issue_date = { March 2016 },
volume = { 138 },
number = { 7 },
month = { March },
year = { 2016 },
issn = { 0975-8887 },
pages = { 18-30 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume138/number7/24391-2016908930/ },
doi = { 10.5120/ijca2016908930 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:39:03.344124+05:30
%A K.C. Okafor
%A Joy Anulika Okoye
%A Gordon Ononiwu
%T Vulnerability Bandwidth Depletion Attack on Distributed Cloud Computing Network: A QoS Perspective
%J International Journal of Computer Applications
%@ 0975-8887
%V 138
%N 7
%P 18-30
%D 2016
%I Foundation of Computer Science (FCS), NY, USA
Abstract

A previous work on Airport Information Resource Management System (AIRMS) established that sophisticated attacks in the form of Denial of Service (DoS), Distributed DoS (DDoS), and related attacks are becoming the most effective schemes used by cyber terrorists on such enterprise systems. Similarly, a novel Smart Green Energy Management Distributed Cloud Computing Network (SGEM-DCCN) was developed as an extension to the work. Interestingly, the DCCN could be shut down by malicious attackers while running its renewable energy management cloud service. Consequently, this work presents a security model designed to improve the security architecture in a mission-critical DCCN running Enterprise Energy Tracking Analytic Cloud Portal (EETACP). As a result of the EETACP DCCN vulnerability to DoS attacks, this work employed a core OpenFlow gateway firewall to pre-empt DDoS attacks and subsequently mitigate such destructive vulnerabilities in the network. In this case, Vulnerability Bandwidth Depletion DDoS Attack (VBDDA) was detected using Cisco Nexus 9000 firewall as an embedded network device with support for Virtual DDoS protection in the DCCN threat mitigation design. Also, security Quality of Service (QoS) profiling was employed to ascertain the network behavior in terms of resource utilization and query response times. For DDoS traffic flows, the network metrics were compared under simulated firewall scenarios involving Cisco Application Policy Infrastructure Controller (Cisco APIC), Cisco Nexus 9000 Series multilayer Switches and Cisco Application Virtual Switch (AVS). It was concluded that with a robust firewall in place, VBDDA will be mitigated in DCCN infrastructure. This offers protection and reliability in the Smart Green Energy Management System architecture.

References
  1. W.Dou, Q.Chen, J. Chen, “A confidence-based filtering method for DDoS attack defense in cloud environment”, Future Generation Computer Systems 29 (2013) 1838–1850, Elsevier SciVerse ScienceDirect
  2. T. Peng, C. Leckie, K. Ramamohanarao, Survey of network-based defense mechanisms countering the DoS and DDoS problems, ACM Comput. Surv. 39 (1) (2007) 3.
  3. White paper-How to prevent DDOS attacks in a Service Provider Environment, Available Online: http://www.reply.eu/Documents/10943_img_SYTR12_Prevent_DDoS_attacks.pdf,Retrived 23rd, August, 2015
  4. K.C. Okafor, F.N.Ugwoke, Obayi.I A.A, O.U Oparaku,“The Impact of Distributed Cloud Computing Initiatives (DCCI) on Green Energy Management Using Cronbach's Alpha Test”, International Journal of Advanced Scientific and Technical Research, India. Issue 4, Volume 4, July-August 2014, Pp.853-865. Available online on http://www.rspublication.com/ijst/index.html ISSN 2249-9954.
  5. A. Chonka, J. Singh, W. Zhou, Chaos theory based detection against network mimicking DDoS attacks, IEEE Commun. Lett. 13 (9) (2009) 717–719.
  6. H. Liu, M.S. Kim, Real-time detection of stealthy DDoS attacks using timeseries decomposition, in: Communications (ICC), 2010 IEEE International Conference, 2010.
  7. Y. Kim, W.C. Lau, M.C. Chuah, H.J. Chao, Packetscore: a statistics-based packet filtering scheme against distributed denial-of-service attacks, IEEE Trans. Dependable Secure Comput. 3 (2) (2006) 141–155.
  8. F. Soldo, A. Markopoulou, K. Argyraki, Optimal filtering of source address prefixes: models and algorithms, in: Proc. IEEE INFOCOM, 2009.
  9. M.T. Goodrich, Probabilistic packet marking for large-scale IP traceback, IEEE/ACM Trans. Netw. 16 (1) (2008) 15–24.
  10. S. Yu, W. Zhou, R. Doss, W. Jia, Traceback of DDoS attacks using entropy variations, IEEE Trans. Parallel Distrib. Syst. 22 (3) (2011) 412–425.
  11. Mehmud Abliz, Internet Denial of Service Attacks and Defense Mechanisms”, University of Pittsburgh Technical Report, No. TR-11-178, March 2011, Pages 1-50.
  12. P. Gasti, G. Tsudik, E. Uzun, L. Zhang, “DoS & DDoS in Named-Data Networking”,
  13. F.N.Ugwoke, K.C.Okafor, V.C.Chijindu, “Security QoS Profiling against Cyber Terrorism in Airport Network Systems”, To appear in the 6th IEEE Cyber Abuja Conference, Abuja, Nigeria, 23-24 Nov.2015.
  14. H. Ballani, P. Francis, and X. Zhang. A Study of Prefix Hijacking and Interception in the Internet. SIGCOMM Comput. Commun. Rev., 37(4):265–276, August 2007.
  15. M. Lad, D.Massey, D. Pei, Y.Wu, B.Zhang, L. Zhang. Phas: a prefix hijack alert system. USENIX Security, August 2006.
  16. D.Dagon, M. Antonakakis, K.Day, X.Luo, C.P. Lee, and W. Lee. Recursive DNS architectures and vulnerability implications. In Network and Distributed System Security Symposium (NDSS09), 2009.
  17. The DNSSEC Protocol. http://tools.ietf.org/html/rfc2535.
  18. G. Loukas, “Defence Against Denial of Service in Self-Aware Networks”, PhD thesis, Intelligent Systems and Networks Group Dept. of Electrical & Electronic Engineering Imperial College London.
  19. B.Kurar , R.Tahboub, “Internet Scale DoS Attacks”, In International Journal of Applied Mathematics ,Electronics and Computers, IJAMEC, 2015, 3(2), Pp.83–89.
  20. G.M.Fernández, J. E. Díaz-Verdejo, and PG.Teodoro, “Mathematical Model for Low-Rate DoS Attacks Against Application Servers”, IEEE Transactions On Information Forensics And Security, Vol. 4, No. 3, September 2009, Pp.519-529. DOI: 10.1109/TIFS.2009.2024719 · Source: IEEE Xplore
  21. S.S. Chowriwar ,M.S. Mool, P.P.Sabale, S.S. Parpelli, N.Sambhe, “Mitigating Denial-of-Service Attacks Using Secure Service Overlay Model”, International Journal of Engineering Trends and Technology (IJETT) – Volume 8 Number 9- Feb 2014.
  22. SimonaRamanauskaitė, Antanas Čenys, “Composite Dos Attack Model”, System Engineering, Computer Technology, 2012 4(1): 20–26 doi:10.3846/mla.2011.05 Pp.20126
  23. Cisco IOS Firewall Design Guide, 2005, Cisco Systems Inc
  24. Huang, Q.; Kobayashi, H.; Liu, B. 2003a. Analysis of a new form of distributed denial of service attack, in Conference of Information Science and Systems. The Johns Hopkins University, 2003, March 12–14.
  25. K.C.Okafor “A Model for Smart Green Energy Management Using Distributed Cloud Computing Network”, Ph.D. Thesis, Dept. of Electronic Engineering, University of Nigeria Nsukka, 2015.
  26. Specht, S. M.; Lee, R. B, “Distributed denial of service: Taxonomies of attacks, tools and countermeasures”, in International Conference Parallel and Distributed Computing Dydtems. San Francisco, 2004, 15–17.
  27. Ramanauskaitė, S., “Modeling of SYN flooding attacks”, Jaunųjųmoks lininkųdarbai 2010, 26(1), 331–335.
  28. Online: https://www.incapsula.com/ddos/ddos-attacks/denial-of-service.html
  29. Online: http://www.arbornetworks.com/.
  30. Cisco Application Centric Infrastructure May 2014, Cisco Systems Inc.
  31. Riverbed Modeler Academic Edition release17.5 PL6.https://splash.riverbed.com/.../riverbed-modeller academic- edition-release, June 11, 2014.
  32. C.C. Udeze, K.C. Okafor, & C.C. Okezie, “MATLAB SimEvent: A Process Model Approach for Event-Based Communication Network Design (A Case for Reengineered DCN)”, Journal of Basic and Applied Sciences, 2(5), (2012), 5070–5080.
  33. http://www.colasoft.com/capsa/network_bandwidth_analyzer.php. Retrieved, 9th August, 2015.
  34. I.E. Achumba, K.C, Okafor, G.N.Ezeh, U.Diala, “OpenFlow Virtual Appliance: An Efficient Security Interface for Cloud Forensic Spyware Robot” In International Journal of Digital Crime and Forensics (IJDCF), July 2015, Vol. 7, No. 2, Pp.31-52., USA
Index Terms

Computer Science
Information Sciences

Keywords

Bandwidth Depletion Cloud Datacenters Smart Green Vulnerability Attacks Threat QoS Profiling DCCN OpenFlow Firewall Riverbed Modeller.

Powered by PhDFocusTM