Abstract
Cloud computing platforms are developing fast nowadays. Due to their increasing complexity, hackers have more and more opportunities to attack them successfully. In this paper, we present an approach for detecting internal and external DDoS attacks in cloud computing using data mining techniques. The main features of the cloud security component that implements the suggested approach are the ability to detect both types of DDoS attacks and the use of data mining techniques. The component prototype is implemented in the OpenStack cloud computing platform. The paper presents the results of the experiments with different types of DDoS attacks.
Acknowledgments
The paper has been prepared within the scope of the state project “Organization of scientific research” of the main part of the state plan of the Board of Education of Russia and the project part of the state plan of the Board of Education of Russia (task 2.136.2014/K), and was supported by RFBR grant # 16-07-00625, by the Russian President's fellowship, and by the financial support of the Foundation for Assistance to Small Innovative Enterprises in the scientific and technical spheres.
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Borisenko, K., Smirnov, A., Novikova, E., Shorov, A. (2016). DDoS Attacks Detection in Cloud Computing Using Data Mining Techniques. In: Perner, P. (eds) Advances in Data Mining. Applications and Theoretical Aspects. ICDM 2016. Lecture Notes in Computer Science, vol 9728. Springer, Cham. https://doi.org/10.1007/978-3-319-41561-1_15
DOI: https://doi.org/10.1007/978-3-319-41561-1_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-41560-4
Online ISBN: 978-3-319-41561-1
eBook Packages: Computer Science, Computer Science (R0)