Using Cloud Computing to Combat DDOS Attacks Research Paper

Pages: 10 (3088 words)  ·  Style: APA  ·  Bibliography Sources: 20  ·  File: .docx  ·  Level: Doctorate  ·  Topic: Education - Computers

¶ … Cloud Computing to combat DDOS attacks

Cloud Computing to Protect Against DDOS Attacks

Distributed Denial of Service Attacks have pervaded the online computing and networking environment globally. Such attacks have disrupted the activities of major web search engines and have compromised the integrity of the online security network that institutions such as major multinational banks rely on to protect their consumers, everyday. DDOS represents 21st century modality of international war and the new way criminal hackers can create havoc on their rather unsuspecting victim. According to Vijayan, (2004), "A DDoS attack typically involves thousands of compromised "zombie" systems sending torrents of useless data, or requests for data, to targeted servers or networks." (Vijayan, 2004)

The DDoS attack is described by Yuan & Mills (2005), "A DDoS attack is a simulation network attack on a victim (T.G., a Web server or a router) from a large number of compromised hosts, which may be distributed widely among different, independent networks. By exploiting asymmetry between network-wide resources and local capacities of a victim, a DDoS attack can build up an intended congestion very quickly at an attacked target. The Internet routing infrastructure, which is stateless and based mainly on destination addresses, appears extremely vulnerable to such coordinated attacks." (Yaun, Mills, 2005)

Buy full Download Microsoft Word File paper
for $19.77
The problem is initially described by Lynn (2009), according to Lynn, "There has also been growing concern about the security and reliability of the cloud-based world in which both Google Docs and Apps reside. Recent incidents of Distributed Denial-of-Service, or DDoS, attacks have brought sites; other cloud-based platforms like Twitter and Facebook to standstills, albeit temporary ones. Even Google's mail service, Gmail, has had extended outages. Back in September, tens of millions of Gmail users were unable to access Gmail for about 100 minutes. The outage occurred after Google took some servers offline for routing maintenance and remaining routers just sort of died after becoming overloaded by network traffic." (Lynn, 2009)

Research Paper on Using Cloud Computing to Combat DDOS Attacks Assignment

Since DDoS utilizes its effectiveness via bombarding the bandwidth capabilities with strings of data packets that compile and produce a 'bottleneck' effect that renders the site as relatively inoperable, the ability to prevent this choke point is the answer to preventing DDoS attacks. There are ways to accomplish this outside of working with the cloud (computing), however, the cloud is easier and less expensive an alternative than systematically routing server to server randomly to confuse the DDoS attack and prevent the choke point.

According to Moss & Zierick (2011), "We believe the cloud holds the promise of being more secure than traditional computing models. The false sense of comfort that organizations gain from keeping security within their own four walls can lead to poor monitoring and over-zealous trust -- a challenge that by its very nature does not exist in outsourced activities such as cloud. The myth of the cloud is that you take your data and give it to a third party -- an oversimplification of cloud adoption. In reality, as organizations move to cloud technology they do so in a very deliberate fashion, often determined by the specific purpose or work they want to accomplish. When organizations look beyond these factors they will realize that cloud computing offers the opportunity to achieve, not only greater security of information, but also financial benefits and access to world-class security expertise." (Moss, Zierick, 2011)

Security in the cloud, according to Moss & Zierick (2011), "Once an organization has moved its data to the cloud it has lost all control of that data. Cloud computing is a security nightmare. An organization will have no control over who can see its data and even steal it. Yes, cloud vendors could have access to a better class of security experts, but the question is, will they? Or will they do like most companies and go for the cheapest talent around rather than the best talent around? Willie Sutton, a noted bank robber, is credited with saying that he robbed banks because "that's where the money is." The cloud vendors are going to be the largest target for focused attacks that try and get ALL of the data from cloud providers in a breach. Your data could get exposed through an attack on cloud providers that are hosting another high-profile company's data." (Moss, Zierick, 2011)

Recent computer attacks against companies including Visa and PayPal due to negating contact with the ill-famed WikiLeaks have decided to prepare for a global cyber war. According to Fowler & Tuna, (2010), "The Web industry offers an arsenal of weapons against denial-of-service attacks, often selling them as services to corporations that can't afford to set up those technologies in-house. Such services are often used to market the "cloud computing" industry, which urges corporations to move many of their computing tasks online to services that distribute the load across many servers, often in multiple locations." (Fowler, Tuna, 2010)

Additionally, according to Fowler & Tuna (2010), "Denial-of-service attacks are "the kind of thing that will never go away" says Rich Mogull, an analyst at research and consulting firm Securosis. But the more bandwidth a business has the less likely an attack is to succeed. Bringing down a large website like or PayPal isn't easy because such sites are used to dealing with large volumes of traffic. (Fowler, Tuna, 2010)

According to Connelly (2001), "The problem behind DDoS attacks is that, in the last decade, companies have become dependent on the Internet for communications and revenue. If you're Amazon, eBay, or Yahoo, to name a few companies for which the Internet is lifeblood, a DDoS attack that lasts hours can mean millions in lost revenue. Fortunately vendors are lining up with products and services for enterprises and ISPs that are designed to give potential victims the upper hand. Whether these are offered via a service model such as Arbor Networks' Peakflow, TrafficMaster Inspector, and Vantage System take a lot of the guesswork out of tracing DDoS assaults by using advanced router features that report on traffic flows moving via the router interfaces. The solutions nut information at the fingertips of network managers instead of forcing them to spend hours rubbing through system logs." (Connelly, 2001)

According to Information Weekly Online (2010), "Expect many current types of attacks to become more nuanced, including distributed denial of service (DDoS) attacks. Today, the majority involve brute force -- overwhelming targeted data centers and carriers backbone links with traffic, at a rate of sometimes more than 50 Gbps, said Craig Labovitz, chief scientist at Arbor Networks." (Information Weekly Online, 2010)

According to Information Week Online (2010), "But more pinpointed attacks are also growing more sophisticated and therefore more effective. "Service or application-level attacks may focus on a series of Web or API calls that force an expensive database transaction or calls to slow storage servers. Accordingly, attackers may spend weeks reconnoitering and identifying weak links, then unleash a highly tuned attack that is effective, yet may be barely noticeable. "Unlike massive DDoS traffic floods, application attacks can be far more subtle and may only register as increased load on servers or a precipitous drop in five-minute real-time sales revenue charts" said Labovitz." (Information Week Online, 2010)

According to Yuan & Mills (2003), "Unfortunately, an attack victim cannot defeat a flooding attack simply through detection. Instead, attack packets must be filtered in transit networks, preferably close to attack sources, before they converge on the victim. Attempts in transit networks to detect such attacks often lead to a high false-alarm rate. Similarly, networks hosting attack sources may observe only a normal outgoing pattern of Internet traffic, which shows a high variability. Most DDoS-related research has focused on detection mechanisms deployed near vulnerable servers, where incoming attack traffic could deny access to legitimate users. Many mechanisms attempt to detect attacks by analyzing specific features, e.g., header information, connection counts, correlations, and congestion." (Yuan, Mills, 2003)

According to Yuan & Mills (2003), "The approach we propose aims at monitoring network traffic at a macroscopic level in order to reveal dynamic shifts in congestion patterns, which might signal onset of a DDoS attack. Our method reveals possible attacks without observations near the victim. On the other hand, our technique cannot readily distinguish the cause of observed congestion, which might result from flash crowds or partial network outages, as well as from DDoS attacks. For this reason, our method can only serve as an alert function to trigger more detailed monitoring mechanisms, focused on particular points where congestion appears. Incorporating our approach could permit such processes to be activated only where and when needed. (Yuan, Mills, 2003)

According to Yuan, Mills, (2003), "Creating defenses for DDoS attacks requires monitoring dynamic network activities in order to obtain timely and significant information. While much current effort focuses on detecting constant-rate attacks, attack patterns appear likely to become more sophisticated. Our simulation results show that macroscopic-level monitoring could capture shifting traffic patterns during transient periods with relatively few observation points. (Yuan, Mills, 2003)

The method of detection proposed by Yuan & Mills (2003), is… [END OF PREVIEW] . . . READ MORE

Two Ordering Options:

Which Option Should I Choose?
1.  Buy full paper (10 pages)Download Microsoft Word File

Download the perfectly formatted MS Word file!

- or -

2.  Write a NEW paper for me!✍🏻

We'll follow your exact instructions!
Chat with the writer 24/7.

Cloud Computing Several Organizations Research Paper

Cloud Computing and the Insider Threats' Problems Literature Review

Cloud Computing and Data Security Term Paper

Cloud Computing Term Paper

Emerging Trends for Cloud Computing Facilitated by Advanced Biometric Technologies for Enhanced Security Thesis

View 200+ other related papers  >>

How to Cite "Using Cloud Computing to Combat DDOS Attacks" Research Paper in a Bibliography:

APA Style

Using Cloud Computing to Combat DDOS Attacks.  (2011, March 31).  Retrieved April 5, 2020, from

MLA Format

"Using Cloud Computing to Combat DDOS Attacks."  31 March 2011.  Web.  5 April 2020. <>.

Chicago Style

"Using Cloud Computing to Combat DDOS Attacks."  March 31, 2011.  Accessed April 5, 2020.