Darac: DDoS mitigation using DDoS aware resource allocation in cloud

Gaurav Somani, Abhinav Johri, Mohit Taneja, Utkarsh Pyne, Manoj Singh Gaur, Dheeraj Sanghi

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

19 Citations (Scopus)

Abstract

Internet-based computing has lead to an emergence of a large number of threats. One of the major threat is DDoS (Distributed Denial of Service) attack. Recent incidents have shown that DDoS attacks have the capability of shutting a business not for a day but weeks. DDoS attacks have a greater impact on multi-tenant clouds than traditional infrastructure. DDoS attacks in the cloud, take the shape of EDoS (Eco- nomic denial of sustainability) attacks. In EDoS, instead of “Service Denial”, economic harms occur due to fake resource usage and subse- quent addition or buying of resources using on-demand provisioning. To detect and mitigate DDoS attacks in the cloud, we argue that on-demand resource allocation (known as auto-scaling) should also be looked, in addition to network or application layer mitigation. We have proposed a novel mitigation strategy, DARAC, which makes auto-scaling decisions by accurately differentiating between legitimate requests and attacker traffic. Attacker traffic is detected and dropped based on human behav- ior analysis based detection. We also argue that most of the solutions in the literature, do not pay much attention to the service quality to legitimate requests during an attack. We calculate the share of legiti- mate clients in resource addition/buying and make subsequent accurate auto-scaling decisions. Experimental results show that DARAC mitigates various DDoS attack sets and take accurate and quick auto-scaling deci- sions for various legitimate and attacker traffic combinations saving from EDoS. We also show how proposed mechanism could make “arms-race” very difficult for the attackers as the resource need to defeat DARAC mechanism on a very small capacity server is huge. Results also show significant improvements in the average response time of the web-service under attack, in addition to infrastructure cost savings up to 50% in heavy attack cases.

Original languageEnglish
Title of host publicationInformation Systems Security - 11th International Conference, ICISS 2015, Proceedings
EditorsSushil Jajodia, Chandan Mazumdar
PublisherSpringer
Pages263-282
Number of pages20
ISBN (Print)9783319269603
DOIs
Publication statusPublished - 2015
Externally publishedYes
Event11th International Conference on Information Systems Security, ICISS 2015 - Kolkata, India
Duration: 16 Dec 201520 Dec 2015

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9478
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference11th International Conference on Information Systems Security, ICISS 2015
Country/TerritoryIndia
CityKolkata
Period16/12/201520/12/2015

Fingerprint

Dive into the research topics of 'Darac: DDoS mitigation using DDoS aware resource allocation in cloud'. Together they form a unique fingerprint.

Cite this