Performance Modeling and Analysis of the EDoS-Shield Mitigation

F. Al-Haidari, K. Salah, M. Sqalli, S. M. Buhari

Research output: Contribution to journalArticlepeer-review

15 Scopus citations

Abstract

Cloud adoption by industry and governments has been on the rise for the past few years due to the obvious cloud technology advantages that include scalability, reliability, availability, agility, and cost efficiency. However, cloud security remains a main barrier for such adoption. Distributed denial of service (DDoS) attacks pose a serious security threat to cloud-hosted services and applications. In recent years, in addition to DDoS attacks, cloud systems are prone to be attacked by a new type of attacks known as economic denial of sustainability (EDoS). An EDoS attack targets the economic resources of the cloud adopter who gets billed and charged on a “pay-as-you-use” basis. In an EDoS attack, the attacker goal is to make the cloud system unaffordable and no longer economically acceptable for the cloud adopter. An EDoS-Shield is known to be an effective technique to mitigate such attacks, in which malicious requests are detected and dropped prior to reaching the cloud service nodes. In this paper, we model and study the performance of EDoS-Shield using queuing theory modeling. Various scenarios applicable to EDoS-shielding are considered and analyzed. We analyzed and compared the performance of proposed system in terms of key performance metrics which include response time, CPU utilization of allocated cloud compute resources, and system throughput.

Original languageBritish English
Pages (from-to)793-804
Number of pages12
JournalArabian Journal for Science and Engineering
Volume42
Issue number2
DOIs
StatePublished - 1 Feb 2017

Keywords

  • Cloud computing
  • Cloud security
  • DDoS attacks
  • EDoS attacks
  • Performance modeling and evaluation

Fingerprint

Dive into the research topics of 'Performance Modeling and Analysis of the EDoS-Shield Mitigation'. Together they form a unique fingerprint.

Cite this