Skip to main content
SpringerLink
Log in

Availability and reliability analysis of cloud computing under economic denial of sustainability (EDoS) attack: a semi-Markov approach

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

Economic denial of sustainability (EDoS) attack is a new type of distributed denial of service (DDoS) attack which targets the economic resources of cloud adopters by exploiting the auto-scaling features of the cloud. EDoS attack has become a significant threat to cloud adopters as it can lead to bankruptcy or withdrawal from cloud services and this in turn entails unavailability of the cloud services. In fact, availability has been one of the most significant issues of cloud computing securities. To address this issue caused by an EDoS attack, we develop a novel state-based availability model of the cloud under the EDoS attack with the help of a semi-Markov process. Based on the proposed model, we determine the steady state availability of the cloud under the EDoS attack. In addition, we derive the mean time to failure (or reliability) of the cloud in the presence of the EDoS attack to characterize the period of time for which the cloud adopter experiences the state of being bankrupt or service unsustainable situation. Moreover, we present a cost management strategy to prevent the cloud adopter from undergoing bankruptcy or experiencing unexpected exorbitant bill by incorporating the cloud shutdown feature into the proposed model. Numerical illustrations are presented which give insights into how availability and reliability of the cloud services are affected by the EDoS attack. The proposed model is also validated via simulation evidences.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

References

  1. Heimovski, G.B., Turchetti, R.C., Wickboldt, J.A., Granville, L.Z., Duarte, E.P., Jr.: FT-Aurora: A highly available IaaS cloud manager based on replication. Comput. Netw. 168, (2020)

  2. Liu, B., Chang, X., Han, Z., Trivedi, K.S., Rodriguez, R.J.: Model-based sensitivity analysis of IaaS cloud availability. Future Gener. Comput. Syst. 83, 1–13 (2018)

    Article  Google Scholar 

  3. Al-Haidari, F., Sqalli, M., Salah, K.: Evaluation of the impact of EDoS attacks against cloud computing services. Arab. J. Sci. Eng. 40, 773–785 (2015)

    Article  Google Scholar 

  4. Baig, Z.A., Sait, S.M., Binbeshr, F.: Controlled access to cloud resources for mitigating Economic Denial of Sustainability (EDoS) attacks. Comput. Netw. 97, 31–47 (2016)

    Article  Google Scholar 

  5. Zhang, Q., Cheng, L., Boutaba, R.: Cloud Computing: State of the art and research challenges. J. Internet Serv. Appl. 1, 7–18 (2010)

    Article  Google Scholar 

  6. Al-Roomi, M., Al-Ebrahim, S., Buqrais, S., Ahmad, I.: Cloud computing pricing models: a survey. Int. J. Grid Distrib. Comput. 6(5), 93–106 (2013)

    Article  Google Scholar 

  7. Shawahna, A., Abu-Amara, M., Mahmoud, A.S.H., Osais, Y.: EDoS-ADS: an enhanced mitigation technique against economic denial of sustainability (EDoS) attacks. IEEE Trans. Cloud Comput. 8(3), 790–804 (2018)

  8. Wang, H., Xi, Z., Li, F., Chen, S.: Abusing public third-party services for edos-attacks, 10th USENIX Workshop on Offensive Technologies (WOOT 16), USENIX Association (2016)

  9. Prasad, K.M., Reddy, A.R.M., Rao, K.V.: DEFAD: ensemble classifier for DDOS enabled flood attack defense in distributed network environment. Clust. Comput. 21, 1765–1783 (2018)

    Article  Google Scholar 

  10. https://en.greatfire.org/blog/2015/mar/we-are-under-attack

  11. Wang, L., Yang, Z., Song, X.: SHAMC: a secure and highly available database system in multi-cloud environment. Future Gener. Comput. Syst. 105, 873–883 (2020)

    Article  Google Scholar 

  12. Balamurugan, V., Saravanan, R.: Enhanced intrusion detection and prevention system on cloud environment using hybrid classification and OTS generation. Clust. Comput. 22, S13027–S13039 (2019)

    Article  Google Scholar 

  13. Ficco, M.: Could emerging fraudulent energy consumption attacks make the cloud infrastructure costs unsustainable? Inf. Sci. 476, 474–490 (2019)

    Article  Google Scholar 

  14. Endo, P.T., Rodrigues, M., Goncalves, G.E., Kelner, J., Sadok, D.H.: High availability in clouds: systematic review and research challenges. J. Cloud Comput. 5(16), (2016)

  15. Basu, S., Bardhan, A., Gupta, K., Saha, P., Pal, M., Bose, M., Basu, K., Chaudhury, S., Sarkar, P.: Cloud Computing Security Challenges & Solutions—A Survey. IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC)(2018)

  16. Nabi, M., Toeroe, M., Khendek, F.: Availability in the cloud: state of the art. J. Netw. Comput. Appl.60, 54–67 (2016)

    Article  Google Scholar 

  17. Zhang, Q., Li, S., Li, Z., Xing, Y., Yang, Z., Dai, Y.: CHARM: a cost-efficient multi-cloud data hosting scheme with high availability. IEEE Trans. Cloud Comput. 3(3), 372–386 (2015)

    Article  Google Scholar 

  18. Nguyen, T.A., Min, D., Choi, E., Thang, T.D.: Reliability and availability evaluation for cloud data center networks using hierarchical models. IEEE Access 7, 9273–9313 (2019)

    Article  Google Scholar 

  19. Dantas, J., Matos, R., Araujo, J., Maciel, P.: Eucalyptus-based private clouds: availability modeling and comparison to the cost of a public, Cloud Comput. 97, 1121–1140 (2015)

    MathSciNet  MATH  Google Scholar 

  20. Ataie, E., Entezari-Maleki, R., Rashida, L., Trivedi, K.S., Ardagna, D., Movaghar, A.: Hierarchical stochastic models for performance, availability, and power consumption analysis of IaaS clouds. IEEE Trans. Cloud Comput. 7(4), 1039–1056 (2019)

    Article  Google Scholar 

  21. Matos, R., Dantas, J., Araujo, J., Trivedi, K.S., Maciel, P.: Redundant eucalyptus private clouds: availability modeling and sensitivity analysis. J. Grid Comput. 15, 1–22 (2017)

    Article  Google Scholar 

  22. Thananakornworakij, T., Nassar, R.F., Leangsuksun, C., Paun, M.: A reliability model for cloud computing for high performance computing applications. Euro-Par’12: Proceedings of the 18th International Conference on Parallel processing workshops, pp. 474–483 (2012)

  23. Li, R., Li, Q., Huang, N.: A simplified reliability analysis method for cloud computing systems considering common-cause failures. Proc. Institut. Mech. Eng. Part O 231(3), 324–333 (2017)

    Google Scholar 

  24. Kavin, B.P., Ganapathy, S.: A secure storage and privacy preserving model using CRT for providing security on cloud and IoT-based applications. Comput. Netw. 151, 181–190 (2019)

    Article  Google Scholar 

  25. Kavin, B.P., Ganapathy, S., Kanimozhi, U., Kannan, A.: An enhanced security framework for secured data storage and communications in cloud using ECC, access control and LDSA. Wirel. Personal Commun. 115, 1107–1135 (2020)

    Article  Google Scholar 

  26. Ganapathy, S., Vijayalakhsmi, M., Kannan, A.: An effective intrusion detection on cloud virtual machines using hybrid feature selection and multiclass classifier. Austral. J. Basic Appl. Sci. 9, 38–41 (2015)

    Google Scholar 

  27. Ganapathy, S., Vijayakumar, P., Yogesh, P., Kannan, A.: An intelligent CRF based feature selection for effective intrusion detection. Int. Arab. J. Inf. Technol. (IAJIT) 13(1), 44–45 (2016)

    Google Scholar 

  28. Yang, C.: Anomaly network traffic detection algorithm based on information entropy measurement under the cloud computing environment. Clust. Comput. 22, S8309–S8317 (2019)

    Article  Google Scholar 

  29. Saxena, R., Dey, S.: DDoS attack prevention using collaborative approach for cloud computing. Clust. Comput. 23, 1329–1344 (2020)

    Article  Google Scholar 

  30. Jaber, A.N., Rehman, S.U.: FCM-SVM based intrusion detection system for cloud computing environment. Clust. Comput. 23, 3221–3231 (2020)

    Article  Google Scholar 

  31. Monge, M.A.S., Vidal, J.M., Perez, G.M.: Detection of economin denial of sustainability (EDoS) threats in self-organizing networks. Comput. Commun. 145, 284–308 (2019)

    Article  Google Scholar 

  32. Dinh, P.T., Park, M.: Dynamic Economic-Denial-of-Sustainability (EDoS) Detection in SDN-based Cloud. Presented at the (2020)

  33. Morein, W.G., Stavrou, A., Cook, D.L., Keromytis, A.D., Misra, V., Rubinstein, D.: Using graphic turing tests to counter automated ddos attacks against web servers. Proceedings of the 10th ACM conference on Computer and communications security, ACM, 8 - 19 (2003)

  34. Bhargrava, K., Brewer, D., Li, K.: A study of URL redirection indicating spam, CEAS 2009—Sixth conference on Email and Anti-Spam (2009)

  35. Fielding, R., Reschke, J.: Hypertext transfer protocol (http/1.1): Semantics and contents (2014)

  36. Von Ahn, L., Maurer, B., McMillen, C., Abraham, D., Blum, M.: recaptcha: human-based character recognition via web security measures. Science 321(5895), 1465–1468 (2008)

    Article  MathSciNet  Google Scholar 

  37. Moore, D., Shannon, C., Brown, D.J., Voelker, G.M., Savage, S.: Inferring internet denial-of-service activity. ACM Trans. Comput. Syst. (TOCS) 24(2), 115–139 (2006)

    Article  Google Scholar 

  38. https://cloud.google.com/billing/docs/how-to/budgets

  39. https://docs.aws.amazon.com/AmazonCloudWatch

  40. https://cloud.google.com/billing/docs/how-to/notify

  41. Rausand, M., Hoyland, A.: System Reliability Theory: Models, Statistical Methods and Applications, 2nd edn. Wiley, New York (2004)

    MATH  Google Scholar 

  42. Xie, W., Hong, Y., Trivedi, K.S.: Analysis of a two-level software rejuvenation policy. Reliab. Eng. Syst. Saf. 87(1), 13–22 (2005)

    Article  Google Scholar 

  43. Lisnianski, A., Frenkel, I., Ding, Y.: Multi-state System Reliability Analysis and Optimization for Engineers and Industrial Managers. Springer-Verlag, London (2010)

    Book  Google Scholar 

  44. Trivedi, K.S.: Probability & Statistics with reliability, queuing and computer science applications, 2nd edn. Wiley, New York (2001)

Download references

Acknowledgements

One of the authors (K.C. Lalropuia) is grateful to the University Grant Commission (UGC), India, for granting him financial support through the CSIR-UGC Junior Research Fellowship (UGC-Ref. No.:1031).

Author information

Authors and Affiliations

  1. Department of Operational Research, University of Delhi, Delhi, India

    K. C. Lalropuia & Vandana Khaitan (nee Gupta)

Authors
  1. K. C. Lalropuia
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vandana Khaitan (nee Gupta)
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Vandana Khaitan (nee Gupta).

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lalropuia, K.C., Khaitan (nee Gupta), V. Availability and reliability analysis of cloud computing under economic denial of sustainability (EDoS) attack: a semi-Markov approach. Cluster Comput 24, 2177–2191 (2021). https://doi.org/10.1007/s10586-021-03257-9

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-021-03257-9

Keywords

Search

Navigation