Abstract
Cloud computing is an internet based pay as use service which provides three type of layered services (Software as a Service, Platform as a Service and Infrastructure as a Service) to its consumer on demand. These on demand service facilities is being provide by cloud to its consumers in multitenant environment but as facility increases complexity and security problems also increase. Here all the resources are at one place in data centers. Cloud uses public and private APIs (Application Programming Interface) to provide services to its consumer in multitenant environment. In this environment Distributed Denial of Service attack (DDoS), especially HTTP, XML or REST based DDoS attacks may be very dangerous and may provide very harmful effects for availability of services and all consumers may get affected at the same time. One other reason is that because the cloud computing users make their request in XML and then send this request using HTTP protocol and build their system interface with REST protocol (such as Amazon EC2 or Microsoft Azure) hence XML attack more vulnerable. So the threaten coming from distributed REST attacks are more and easy to implement by the attacker, but to security expert very difficult to resolve. So to resolve these attacks this paper introduces a comber approach for security services called filtering tree. This filtering tree has five filters to detect and resolve XML and HTTP DDoS attack.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
References
Cloud Security Alliance (Online), https://cloudsecurityalliance.org/topthreats (viewed December 21, 2011)
Europe Network and Information Security Agency (Online), http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment (viewed January 21, 2012)
Microsoft Security Bulletin MS10 (Online), www.microsoft.com/technet/security/bulletin/ms10-070.mspx (updated October 26, 2011)
Security of data (Online), http://news.cnet.com/8301-138463-20052571-62 (viewed July 02, 2011)
Security labs Blog (Online), http://securitylabs.websense.com/content/Blogs/3402.asp (viewed November 21, 2011)
Nurmi, D., Wolski, R., Grzegorczyk, C., Obertellli, G., Soman, S., Youseff, L., Zagorodnov, D.: The Eucalyptus Open-source Cloud computing System, http://www.eucalyptus.com/whitepapers
Bhuya, R., Ranjan, R., Calheiros, R.N.: Modeling and Siulation of Scalable Cloud Computing Environments and the CloudSim Toolkit: Challenges and Opportunities. In: Proceedings of the 7th High Performance Computing and Simulation Conference, Leipzig, Germany, June 21-24 (2009)
Lin, C.-H., et al.: A Group Tracing and Filtering Tree for REST DDoS in Cloud Computing. International Journal of Degital Content Technology and its Applications 4(9) (December 2010)
Tuncer, T., Tatar, Y.: Detection SYN Flooding Attacks Using Fuzzy Logic. In: International Conference on Information Security and Assurance, ISA 2008, April 24-26, pp. 321–325 (2008)
Lu, L., et al.: A General Model of Probabilistic Packet Marking for IP Traceback. In: ASIACCS 2008, March 18-20. ACM, Tokyo (2008)
Chonka, A., Xiang, Y., Zhou, W., Bonti, A.: Cloud security defense to protect cloud computing against HTTP -DoS and XML-DoS attacks. Journal of Network and Computer Applications 34, 1097–1107 (2011)
Rahaman, M.A., Schaad, A., Rits, M.: Towards secure SOAP message exchange in a SOA. In: SWS 2006: Proceedings of the 3rd ACM Workshop on Secure Web Services, pp. 77–84. ACM Press (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Karnwal, T., Thandapanii, S., Gnanasekaran, A. (2013). A Filter Tree Approach to Protect Cloud Computing against XML DDoS and HTTP DDoS Attack. In: Abraham, A., Thampi, S. (eds) Intelligent Informatics. Advances in Intelligent Systems and Computing, vol 182. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32063-7_49
Download citation
DOI: https://doi.org/10.1007/978-3-642-32063-7_49
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32062-0
Online ISBN: 978-3-642-32063-7
eBook Packages: EngineeringEngineering (R0)