Abstract
Cloud computing is currently one of the fastest growing segments of IT. To date, and according to a recent survey conducted by the International Data Corporation, security is the biggest challenge to cloud computing. A cloud introduces resource-rich computing platforms, where adopters are charged based on the usage of the cloud’s resources, known as “pay-as-you-use” or utility computing. However, a conventional Distributed Denial-of-Service (DDoS) attack on server and network resources compromises cloud computing services by charging cloud adopters more cost due to the attack activities that consume cloud’s resources. In such case, the main goal of such attack is to make the cloud computing unsustainable by targeting the cloud adopter’s economic resources. Thus, it constitutes a new breed of DDoS attacks, namely Economic Denial of Sustainability (EDoS) attack. In this paper, we study the impact of EDoS attacks on the cloud computing services, considering only a single class of service. We developed an analytical model verified by a simulation model to study such impact of EDoS attacks on the cloud computing. The analytical model relies on the queuing model that captures the cloud services and considers a number of performance and cost metrics including end-to-end response time, utilization of computing resources, throughput, and the incurred cost resulting from the attack.
Article PDF
Similar content being viewed by others
Avoid common mistakes on your manuscript.
References
Gartner, Gartner Identifies the Top 10 Strategic Technologies for 2013. Analysts Examine Latest Industry Trends During Gartner Symposium/ITxpo, Orlando (2012)
Hoff, C.: Cloud computing security: from DDoS (Distributed Denial Of Service) to EDoS (Economic Denial of Sustainability). Blog. http://rationalsecurity.typepad.com/blog/2008/11/cloud-computing-security-from-ddos-distributed-denial-of-service-to-edos-economic-denial-of-sustaina.html. Retrieved 27 Nov 2008
Zlomislic, V.; Fertalj, K.; Sruk, V.: Denial of service attacks: an overview. In: 9th Iberian Conference on Information Systems and Technologies (CISTI), Barcelona, pp. 1–6 (2014)
AWS Documentation, AWS Web Application Hosting for Microsoft Windows. http://docs.amazonwebservices.com/gettingstarted/latest/wah/web-app-hosting-intro.html?r=1052
Amazon, Amazon Load Balancer Service. http://aws.amazon.com/elasticloadbalancing/
Buyya, R.; Ranjan, R.; Calheiros, R.N.: InterCloud: utility-oriented federation of cloud computing environments for scaling of application services. In: The 10th International Conference on Algorithms and Architectures for Parallel Processing, Busan, Korea (2010)
Bellenger, D.; Bertram, J.; Budina, A.; Koschel, A.; et al.: Scaling in cloud environments. In: Proceedings of the 15th WSEAS International Conference on Computers, Wisconsin, pp. 145–150 (2011)
Idziorek, J.: Discrete event simulation model for analysis of horizontal scaling in the cloud computing model. In: Proceedings of the 2010 Winter Simulation Conference, pp. 3004–3014 (2010)
Amazon Auto Scaling Developer Guide. Amazon Web Services LLC (2012)
Web application hosting in the AWS cloud: best practices. Amazon Web Services LLC (2010)
Chen, H.; Li, S.: A queueing-based model for performance management on cloud. In: 6th International Conference on Advanced Information Management and Service (IMS), Seoul, pp. 83–88 (2011)
Arlitt M., Williamson C.: Internet web servers: workload characterization and performance implications. IEEE/ACM Trans. Netw. 5(5), 815–826 (1997)
Walraevens J., Wittevrongel S., Bruneel H.: Performance analysis of a priority queue with session-based arrivals and its application to E-commerce web servers. Int. J. Adv. Internet Technol. 2(1), 46–57 (2009)
Liu Z., Niclausse N., Jalpa C.: Traffic model and performance evaluation of web servers. Perform. Eval. 46(2–3), 77–100 (2001)
Nan, X.; He, Y.; Guan, L.: Optimal resource allocation for multimedia cloud based on queuing model. In: IEEE MMSP, pp. 1–6 (2010)
Calheiros, R.; Ranjan, R.; Buyya, R.: Virtual machine provisioning based on analytical performance and QoS in cloud computing environments. In: International Conference on Parallel Processing (ICPP), Taipei City, pp. 295–304 (2011)
Pal, R.; Hui, P.: Economic models for cloud service markets. Lecture Notes in Computer Science, Distributed Computing and Networking,vol. 7129, pp. 382–396. Springer (2012)
Shi, Y.; Jiang, X.; Ye K.: An energy-efficient scheme for cloud resource provisioning based on cloudSim. In: 2011 IEEE International Conference on Cluster Computing (CLUSTER), Austin, TX, pp. 595–599 (2011)
Scheinhardt, W.: Markov-modulated and feedback fluid queues. Ph.D. Thesis, University of Twente, the Netherlands. http://www.ub.utwente.nl/webdocs/tw/1/t0000008.pdf (1998)
Shen X., Chen H., Dai J., Dai W.: The finite element method for computing the stationary distribution of an SRBM in a hypercube with applications to finite buffer queueing networks. Queueing Syst. 42(1), 33–62 (2002)
Dawoud, W.; Takouna, I.; Meinel, C.: Elastic VM for rapid and optimum virtualized resources’ allocation. In: 5th International DMTF Academic Alliance Workshop on Systems and Virtualization Management (SVM), Paris, pp. 1–4 (2011)
Intel 82599 10 gigabit Ethernet controller. Intel (2009). http://download.intel.com/design/network/prodbrf/321731.pdf
Dong, Y.; Yang, X.; LI, X.; Tian, K.; Guan, H.: High performance network virtualization with SR-IOV. In: IEEE International Symposium on High Performance Computer Architecture (HPCA) (2010)
Sutton C., Jordan M.I.: Bayesian inference for queueing networks and modeling of internet services. Inst. Math. Stat. Ann. Appl. Stat. 5(1), 254–282 (2011)
Do T., Krieger U.R., Chakka R.: Performance modeling of an apache web server with a dynamic pool of service processes. Telecommun. Syst. 39(2), 117–129 (2008)
Bi, J.; Zhu, Z.; Tian, R.; Wang, Q.: Dynamic provisioning modeling for virtualized multi-tier applications in clouddata center. In: Proceedings of IEEE 3rd International Conference on Cloud Computing (CLOUD 2010), pp. 370–377 (2010)
Singh, R.; et al.: Autonomic mix-aware provisioning for non-stationary data center workloads. In: Proceedings of the 7th International Conference on Autonomic Computing, USA (2010)
Kossmann, D.; Kraska, T.; Loesing, S.: An evaluation of alternative architectures for transaction processing in the cloud. In: Proceedings of International Conference on Management of Data (SIGMOD) (2010)
Kihl, M.; Cedersjö, G.; Robertsson, A.; Aspernäs, B.: Performance measurements and modeling of database servers. In: Sixth International Workshop on Feedback Control Implementation and Design in Computing Systems and Networks (FeBID 2011) (2011)
Gross D., Shortle J.F., Thompson J.M., Harris C.M.: Fundamentals of Queuing Theory. Wiley, New York (2008)
Little J.: A proof for the queuing formula: \({{\rm L} = \lambda{W}}\). Oper. Res. 9(3), 383–387 (1961)
Liu, H.: A new form of DOS attack in a cloud and its avoidance mechanism. In: Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop, Chicago, pp. 65–76 (2010)
Singh N., Ghrera S.P., Chaudhuri P.: Denial of service attack: analysis of network traffic anormaly using queuing theory. J. Comput. Sci. Eng. 1(1), 48–54 (2010)
Wang Y., Lin C., Li Q., Fang Y.: A queueing analysis for the denial of service (DoS) attacks. Comput. Netw. 51, 3564–3573 (2007)
Boteanu, D.; Fernandez, J.M.; McHugh, J.; Mullins, J.: Queue management as a DoS counter-measure? In: Garay, J.A.; Lenstra, A.K.; Mambo, M.; Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 263–280. Springer, Heidelberg (2007)
Amazon EC2 Pricing. http://aws.amazon.com/ec2/pricing/
Law A., Kelton W.: Simulation Modeling and Analysis, 3rd edn. McGraw-Hill, New York (2000)
Jain R.: The Art of Computer Systems Performance Analysis. Wiley, New York (1991)
Catteddu, D., Hogben G.: Cloud computing: benefits, risks and recommendations for information security. Technical Report, European Network and Information Security Agency (2009)
Islam, S.; Lee, K.; Fekete, A.; Liu, A.: How a consumer can measure elasticity for cloud platforms. Technical Report, School of Information Technology, Univercity of Sydeny (2011)
Xiong, K.; Perros, H.: Service performance and analysis in cloud computing. In: SERVICES ’09: Proceedings of the 2009 Congress on Services—I (2009)
Hu, Y.; Wong, J.; Iszlai, G.; Litoiu, M.: Resource provisioning for cloud computing. In: Proceedings of the 2009 Conference of the Centerfor Advanced Studies on Collaborative Research (CASCON ’09), ACM, pp. 101–111 (2009)
Sqalli, M.; Al-Haidari, F.; Salah, K.: EDoS-Shield—a two-steps mitigation technique against EDoS attacks in cloud computing. In: Fourth IEEE International Conference on Utility and Cloud Computing (UCC 2011), Victoria, NSW, pp. 49–56 (2012)
Al-Haidari, F.; Sqalli, M.H.; Salah, K.: Enhanced EDoS-shield for mitigating EDoS attacks originating from spoofed IP addresses. In: The 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Liverpool, United Kingdom, pp. 1167–1174, 25–27 June 2012 (2012)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Al-Haidari, F., Sqalli, M. & Salah, K. Evaluation of the Impact of EDoS Attacks Against Cloud Computing Services. Arab J Sci Eng 40, 773–785 (2015). https://doi.org/10.1007/s13369-014-1548-y
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13369-014-1548-y