research-article

A Modeling Approach to Classifying Malicious Cloud Users via Shuffling

Authors:

Yudong Yang,

Vishal Misra,

Dan RubensteinAuthors Info & Claims

ACM SIGMETRICS Performance Evaluation Review, Volume 46, Issue 2

Pages 6 - 8

https://doi.org/10.1145/3305218.3305222

Published: 17 January 2019 Publication History

Get Access

Abstract

DDoS attacks are still a serious security issue on the Internet. We explore a distributed Cloud setting in which users are mapped to servers where malicious users mapped to the same server can thwart the performance of legitimate users. By periodically shuffling the mapping of users to servers and observing how this affects successfully attacked servers, the malicious users can be identified. We use simple models to understand how to best score these observations to identify malicious users with well-defined levels of confidence.

References

[1]

Q. Jia, K. Sun, and A. Stavrou. Motag: Moving target defense against internet denial of service attacks. In Computer Communications and Networks (ICCCN), 2013 22nd International Conference on, pages 1--9. IEEE, 2013.

Crossref

Google Scholar

[2]

Q. Jia, H. Wang, D. Fleck, F. Li, A. Stavrou, and W. Powell. Catch me if you can: a cloud-enabled ddos defense. In Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pages 264--275. IEEE, 2014.

Digital Library

Google Scholar

[3]

Y.-H. Lin, J.-J. Kuo, D.-N. Yang, and W.-T. Chen. A cost-effective shuffling-based defense against http ddos attacks with sdn/nfv. In Communications (ICC), 2017 IEEE International Conference on, pages 1--7. IEEE, 2017.

Crossref

Google Scholar

[4]

Y. Shan, G. Kesidis, and D. Fleck. Cloud-side shuffling defenses against ddos attacks on proxied multiserver systems. In Proceedings of the 2017 on Cloud Computing Security Workshop, pages 1--10. ACM, 2017.

Digital Library

Google Scholar

[5]

T. Yamane. Statistics: An introductory analysis. 1973.

Google Scholar

Cited By

View all

Kampourakis VMakrakis GKolias C(2024)From Seek-and-Destroy to Split-and-Destroy: Connection Partitioning as an Effective Tool against Low-Rate DoS AttacksFuture Internet10.3390/fi1604013716:4(137)Online publication date: 19-Apr-2024
https://doi.org/10.3390/fi16040137
Almohri HAlmutawa MAlawadh MElish K(2020)A Client Bootstrapping Protocol for DoS Attack Mitigation on Entry Point Services in the CloudSecurity and Communication Networks10.1155/2020/88732582020Online publication date: 1-Jan-2020
https://dl.acm.org/doi/10.1155/2020/8873258

Recommendations

Cloud-Side Shuffling Defenses against DDoS Attacks on Proxied Multiserver Systems
CCSW '17: Proceedings of the 2017 on Cloud Computing Security Workshop

We consider a cloud based multiserver system, consisting of a set of replica application servers behind a set of proxy (indirection) servers which interact directly with clients over the Internet. We address cloud-side proactive and reactive defenses to ...
Game Theoretic Modeling of Malicious Users in Collaborative Networks

If a network is to operate successfully, its users need to collaborate. Collaboration takes the form of following a network protocol and involves some resource expenditure on the part of the user. Therefore, users cannot automatically be expected to ...
System Dynamics Approach to Malicious Insider Cyber-Threat Modelling and Analysis
Human Aspects of Information Security, Privacy and Trust
Abstract
Enforcing cybersecurity controls against malicious insiders touches upon complex issues like people, process and technology. In large and complex systems, addressing the problem of insider cyber threat involves diverse solutions like compliance, ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGMETRICS Performance Evaluation Review

ACM SIGMETRICS Performance Evaluation Review Volume 46, Issue 2

September 2018

95 pages

ISSN:0163-5999

DOI:10.1145/3305218

Editor:
Nidhi Hegde
Borealis AI

Issue’s Table of Contents

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 January 2019

Published in SIGMETRICS Volume 46, Issue 2

Check for updates

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
71
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)1

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Kampourakis VMakrakis GKolias C(2024)From Seek-and-Destroy to Split-and-Destroy: Connection Partitioning as an Effective Tool against Low-Rate DoS AttacksFuture Internet10.3390/fi1604013716:4(137)Online publication date: 19-Apr-2024
https://doi.org/10.3390/fi16040137
Almohri HAlmutawa MAlawadh MElish K(2020)A Client Bootstrapping Protocol for DoS Attack Mitigation on Entry Point Services in the CloudSecurity and Communication Networks10.1155/2020/88732582020Online publication date: 1-Jan-2020
https://dl.acm.org/doi/10.1155/2020/8873258

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

Cloud-Side Shuffling Defenses against DDoS Attacks on Proxied Multiserver Systems

Game Theoretic Modeling of Malicious Users in Collaborative Networks

System Dynamics Approach to Malicious Insider Cyber-Threat Modelling and Analysis

Comments

Published In

Publisher

Publication History

Check for updates

Qualifiers

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Recommendations

Cloud-Side Shuffling Defenses against DDoS Attacks on Proxied Multiserver Systems

Game Theoretic Modeling of Malicious Users in Collaborative Networks

System Dynamics Approach to Malicious Insider Cyber-Threat Modelling and Analysis

Comments

Information

Published In

Publisher

Publication History

Check for updates

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Get Access

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations