Abstract
Distributed Denial of Service (DDoS) ranks among the top ten threats to the cloud computing environment. DDoS mainly targets limited resources of cloud like bandwidth and CPU thereby denying access to legitimate clients. DDoS attacks are initiated by a vast network of remotely controlled nodes called zombies. New forms of DDoS are invented every day. Therefore, DDoS preventive measures do not fully guarantee its mitigation. Detecting an attack and defending it as early as possible is critical for reducing the attack impact. The real solution to mitigate any attack is tracing back the attacker and punishing him. However, a real attacker will masquerade his identity using a spoofed address to avoid being traced back. The routing mechanism used on the internet does not have any memory of its own making traceback further difficult. Many businesses are reluctant to enter the cloud due to these DDoS vulnerabilities of the cloud. DDoS will affect network performance and may disrupt configuration information available in the system. In the event of DDoS, businesses will have to suffer reputation damage, customer agitation, and legal repercussions. Unless cloud is made secure, we cannot benefit from its full potential. Research on DDoS attacks and defense is in its infancy. DDoS defense and traceback is still an open and challenging problem. This paper presents basic types of DDoS and focuses more on DDoS prevention, detection, and traceback techniques.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Yu, S., Zhou, W. Doss, R., Jia, W.: Traceback of DDoS attacks using entropy variations. IEEE Trans. Parallel Distrib. Syst. 22(3), 412–425 (2011). https://doi.org/10.1109/TPDS.2010.97
Al-Duwairi, B., Govindarasu, M.: Novel hybrid schemes employing packet marking and logging for IP traceback. IEEE Trans. Parallel Distrib. Syst. 17(5), 403–418 (2006).
Yu, S., Zhou, W. Guo, S., Guo, M.: A feasible IP traceback framework through dynamic deterministic packet marking. IEEE Trans. Comput. 65(5), 1418–1427 (2016). https://doi.org/10.1109/TC.2015.2439287
Xiang, Y., Zhou, W., Guo, M.: Flexible deterministic packet marking: an IP traceback system to find the real source of attacks. IEEE Trans. Parallel Distrib. Syst. 20(4), 567–580 (2009)
Jin, G., Yang, J.: Deterministic packet marking based on redundant decomposition for IP traceback. IEEE Commun. Lett. 10(3), 204–206 (2006). https://doi.org/10.1109/LCOMM.2006.1603385
Yu, S., Zhou, W., Doss, R.: Information theory based detection against network behavior mimicking DDoS attacks. IEEE Commun. Lett. 12(4), 318–321 (2008). https://doi.org/10.1109/LCOMM.2008.072049
Yu, S., Guo, S., Stojmenovic, I.: Fool me if you can: mimicking attacks and anti-attacks in cyberspace. Comput. IEEE Trans. 64(1), 139–151 (2015)
Tseung, C.Y., Chow, K.P., Zhang, X.: Extended abstract: anti-DDoS technique using self-learning bloom filter. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 204–204. Beijing (2017). https://doi.org/10.1109/ISI.2017.8004917
Lonea, A.M., Popescu, D.E., Tianfield, H.: Detecting DDoS attacks in cloud computing environment. Int. J. Comput. Commun. Control 8(1), 70–78. https://doi.org/10.15837/ijccc.2013.1.170.
Sung, M., Xu, J.: IP traceback-based intelligent packet filtering: a novel technique for defending against Internet DDoS attacks. In: Proceedings of the Tenth IEEE International Conference on Network Protocols, 2002. Paris, pp. 302–311. https://doi.org/10.1109/ICNP.2002.1181417
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Ramanujan, A., Varghese, B.A. (2021). A Survey on DDoS Prevention, Detection, and Traceback in Cloud. In: Palesi, M., Trajkovic, L., Jayakumari, J., Jose, J. (eds) Second International Conference on Networks and Advances in Computational Technologies. Transactions on Computational Science and Computational Intelligence. Springer, Cham. https://doi.org/10.1007/978-3-030-49500-8_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-49500-8_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-49499-5
Online ISBN: 978-3-030-49500-8
eBook Packages: Computer ScienceComputer Science (R0)