Skip to main content
SpringerLink
Log in

Network flow analysis for detection and mitigation of Fraudulent Resource Consumption (FRC) attacks in multimedia cloud computing

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

Multimedia computing has evolved as a remarkable technology which provides services to view, create, edit, process, and search multimedia contents. All these multimedia services have high computational, bandwidth, and storage requirements. Therefore, multimedia cloud computing has gained appreciable popularity and acceptance in the past one decade. The convenience of cloud computing comes with financial burden. One of the fundamental features of cloud computing, which helps in reducing the financial worries of the multimedia service providers is the cloud’s pay-as-you-go pricing model. However, the cloud’s pricing model has also attracted adversaries that have hindered the migration of services and/or data by various organisations to the cloud. Through the cloud’s pay-as-you-go pricing model, attackers usually target the financial viability of the cloud customers. Therefore, such attacks are capable to affect the long term availability of multimedia-services hosted on the public cloud. These attacks are known as Fraudulent Resource Consumption (FRC) attack. Therefore, research in the area of FRC attack detection and mitigation is important in motivating the organisations to adopt the public cloud platform. In this paper, we propose a novel approach based on network flow analysis at the victim side to detect and mitigate the FRC attacks against cloud-based services. Experiments were conducted using real world benchmark datasets to evaluate the performance of the proposed approach. Experimental outcomes suggest that our proposed approach is able to detect and mitigate the FRC attacks with satisfactory accuracy and low overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19

Similar content being viewed by others

References

  1. Al-Haidari F, Sqalli MH, Salah K (2012) Enhanced EDoS-Shield for Mitigating EDoS Attacks Originating from Spoofed IP Addresses. In: IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, Liverpool, pp 1167–1174

  2. Arun P, Kumar R, Selvakumar S (2013) Detection of distributed denial of service attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems. Comput Commun, Elsevier 36(3):303–319

    Article  Google Scholar 

  3. Atat R, Liu L, Chen H, Wu J, Li H, Yi Y (2017) Enabling cyber-physical communication in 5G cellular networks: challenges, spatial spectrum sensing, and cyber-security. IET Cyber-Phys Syst: Theor Appl 2(1):49–54

    Google Scholar 

  4. Baig ZA, Sait SM, Binbeshr F (2016) Controlled access to cloud resources for mitigating Economic Denial of Sustainability (EDoS) attacks. Comput Netw, Elsevier 97:31–47

    Article  Google Scholar 

  5. Bhushan K, Gupta BB (2017) A novel approach to defend multimedia flash crowd in cloud environment. Multimed Tools Appl 1–31. Springer

  6. Bhuyan MH, Bhattacharyya DK, Kalita JK (2015) An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection. Pattern Recogn Lett. Elsevier 51:1–7

    Article  Google Scholar 

  7. Bushell D In Search of The Best CAPTCHA”, https://www.smashingmagazine.com/2011/03/in-search-of-the-perfect-captcha/. Accessed 3 Sept 2017

  8. Buyya R, Broberg J, Goscinski A (2011) CLOUD COMPUTING: principles and paradigms. Wiley, Hoboken

    Book  Google Scholar 

  9. Chang X, Yang Y (2017) Semisupervised feature analysis by mining correlations among multiple tasks. IEEE Trans Neural Netw Learn Syst 28(10):2294–2305

    Article  MathSciNet  Google Scholar 

  10. Chang X, Yu YL, Yang Y, Xing EP (2017) Semantic pooling for complex event analysis in untrimmed videos. IEEE Trans Pattern Anal Mach Intell 39(8):1617–1632

    Article  Google Scholar 

  11. Chang X, Ma Z, Yang Y, Zeng Z, Hauptmann AG (2017) Bi-level semantic representation analysis for multimedia event detection. IEEE Trans Cybern 47(5):1180–1197

    Article  Google Scholar 

  12. Chang X, Ma Z, Lin M, Yang Y, Hauptmann A (2017) Feature Interaction Augmented Sparse Learning for Fast Kinect Motion Detection. IEEE Trans Image Process 26(8):3911–3920

    Article  MathSciNet  MATH  Google Scholar 

  13. Chen Y, Hwang K (2006) Collaborative detection and filtering of shrew DDoS attacks using spectral analysis. J Parallel Distrib Comput, Elsevier 66(9):1137–1151

    Article  MATH  Google Scholar 

  14. DARPA Intrusion Detection Evaluation Data Set, MIT Lincoln Laboratory 1999 [Online]. https://ll.mit.edu/ideval/data/1999data.html. Accessed 3 Sept 2017

  15. Feitosa E, Souto E, Sadok DH (2012) An orchestration approach for unwanted internet traffic identification. Comput Netw, Elsevier 56(12):2805–2831

    Article  Google Scholar 

  16. Hoff C (2008) Cloud Computing Security: From DDoS (Distributed Denial Of Service) to EDoS (Economic Denial of Sustainability), http://www.rationalsurvivability.com/blog/2008/11/cloud-computing-security-from-ddos-distributed-denial-of-service-to-edos-economic-denial-of-sustainability/. Available online, Accessed on 16/08/2017]

  17. Idziorek J, Tannian M (2011) Exploiting cloud utility models for profit and ruin. In: IEEE International Conference on Cloud Computing (CLOUD). Washington DC, pp 33–40

  18. Idziorek J, Tannian M, Jacobson D (2011) Detecting fraudulent use of cloud resources. In: Proceedings of the 3rd ACM workshop on Cloud computing security workshop (CCSW '11), NY, USA, pp 61–72

  19. Idziorek J, Tannian M, Jacobson D (2012) Attribution of Fraudulent Resource Consumption in the Cloud. In: IEEE Fifth International Conference on Cloud Computing, Honolulu, pp 99–106

  20. Idziorek J, Tannian MF, Jacobson D (2013) The Insecurity of Cloud Utility Models. IT Prof IEEE 15(2):22–27

    Article  Google Scholar 

  21. Jouini M, Rabai LBA (2016) A Security Framework for Secure Cloud Computing Environments. Int J Cloud Appl Comput (IJCAC) 6(3):32–44

    Google Scholar 

  22. Khor SH, Nakao A (2009) spow: On-demand cloud-based eddos mitigation mechanism. HotDep (Fifth Workshop on Hot Topics in System Dependability), Lisbon

    Google Scholar 

  23. Koduru A, Neelakantam T, Saira Bhanu SM (2013) Detection of Economic Denial of Sustainability Using Time Spent on a Web Page in Cloud. In: IEEE International Conference on Cloud Computing in Emerging Markets (CCEM), Bangalore, pp 1–4

  24. Kumar MN et al (2012) Mitigating Economic Denial of Sustainability (EDoS) in Cloud Computing Using In-cloud Scrubber Service. In: Fourth International Conference on Computational Intelligence and Communication Networks, Mathura, pp 535–539

  25. Li J, Li YK, Chen X, Lee PPC, Lou W (2015) A Hybrid Cloud Approach for Secure Authorized Deduplication. IEEE Trans Parallel Distrib Syst 26(5):1206–1216

    Article  Google Scholar 

  26. Li J, Liu Z, Chen X, Xhafa F, Tan X, Wong DS (2015) L-EncDB: a lightweight framework for privacy preserving data queries in cloud computing. Knowl-Based Syst, Elsevier 79:18–26

    Article  Google Scholar 

  27. Li J, Li J, Chen X, Jia C, Lou W (2015) Identity-based Encryption with Outsourced Revocation in Cloud Computing. IEEE Trans Comput 64(2):425–437

    Article  MathSciNet  MATH  Google Scholar 

  28. Li P, Li J, Huang Z, Li T, Gao C-Z, Yiu S-M, Chen K (2017) Multi-key privacy-preserving deep learning in cloud computing. Futur Gener Comput Syst 74:76–85

    Article  Google Scholar 

  29. Li P, Li J, Huang Z, Gao C-Z, Chen W-B, Chen K (2017) Privacy-preserving outsourced classification in cloud computing. Clust Comput:1–10. https://doi.org/10.1007/s10586-017-0849-9

  30. Li J, Zhang Y, Chen X, Yang X (2018) Secure attribute-based data sharing for resource-limited users in cloud computing. Comput Secur 72:1–12. https://doi.org/10.1016/j.cose.2017.08.007

    Article  Google Scholar 

  31. Luo H, Lin Y, Zhang H, Zukerman M (2013) Preventing DDoS attacks by identifier/locator separation. IEEE Netw 27(6):60–65

    Article  Google Scholar 

  32. Maciá-Fernández G, Rodríguez-Gómez RA, Díaz-Verdejo JE (2010) Defense techniques for low-rate DoS attacks against application servers. Comput Netw. Elsevier 54(15):2711–2727

    Article  MATH  Google Scholar 

  33. Maksoudian YL (1969) Probability and statistics with applications. International textbook company, Pennsylvania

    Google Scholar 

  34. Masood M, Anwar Z, Raza SA, Hur MA (2013) EDoS Armor: A cost effective economic denial of sustainability attack mitigation framework for e-commerce applications in cloud environments. INMIC, Lahore, pp 37–42

    Google Scholar 

  35. Mell P, Grance T (2011) SP 800-145. the NIST Definition of Cloud Computing. Technical Report, NIST, Gaithersburg

  36. Moore D et al (2006) Inferring internet denial-of-service activity. ACM Trans Comput Syst (TOCS) 24(2):115–139

    Article  Google Scholar 

  37. Ouf S, Nasr M (2015) Cloud Computing: The Future of Big Data Management. Int J Cloud Appl Comput (IJCAC) 5(2):53–61

    Google Scholar 

  38. Ratten V (2015) Cloud Computing Technology Innovation Advances: A Set of Research Propositions. Int J Cloud Appl Comput (IJCAC) 5(1):69–76

    Google Scholar 

  39. Sqalli MH, Al-Haidari F, Salah K (2011) EDoS-Shield - A Two-Steps Mitigation Technique against EDoS Attacks in Cloud Computing. In: Fourth IEEE International Conference on Utility and Cloud Computing. Victoria, NSW, pp 49–56

  40. The CAIDA UCSD (2007) DDoS Attack. Dataset [Online]. http://www.caida.org/data/passive/ddos-20070804_dataset.xml. Accessed 3 Sept 2017

  41. Wu J, Guo S, Li J, Zeng D (2016) Big data meet green challenges: Big data toward green applications. IEEE Syst J 10(3):888–900

    Article  Google Scholar 

  42. Wu J, Guo S, Li J, Zeng D (2016) Big data meet green challenges: Greening big data. IEEE Syst J 10(3):873–887

    Article  Google Scholar 

  43. Xiang Y, Li K, Zhou W (2011) Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics. IEEE Trans Inf Forensics Secur 6(2):426–437

    Article  Google Scholar 

  44. Yang T et al (2017) A secure smart card authentication and authorization framework using in multimedia cloud. Multimed Tools Appl 76(9):11715–11737. Springer

  45. Yu S, Zho W, Jia W, Guo S, Xiang Y, Tang F (2012) Discriminating DDoS attacks from flash crowds using flow correlation coefficient. IEEE Trans Parallel Distrib Syst 23(6):1073–1080

    Article  Google Scholar 

  46. Zhang C, Cai Z, Chen W, Luo X, Yin J (2012) Flow level detection and filtering of low-rate DDoS. Comput Netw. Elsevier 56(15):3417–3431

    Article  Google Scholar 

  47. Zhu W, Luo C, Wang J, Li S (2011) Multimedia Cloud Computing. IEEE Signal Process Mag 28(3):59–69

    Article  Google Scholar 

  48. Zhu W, Jiang H, Zhou S, Addison M (2017) An optimal resources scheduling strategy on multimedia cloud computing under multi-device constraint. Multimed Tools Appl Springer 76(19):19429–19444

    Article  Google Scholar 

Download references

Acknowledgements

This research work is being supported by Project grant (SB/FTP/ETA-131/2014) from SERB, DST, Government of India.

Author information

Authors and Affiliations

  1. National Institute of Technology Kurukshetra, Kurukshetra, India

    Kriti Bhushan & Brij B. Gupta

Authors
  1. Kriti Bhushan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Brij B. Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Brij B. Gupta.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bhushan, K., Gupta, B.B. Network flow analysis for detection and mitigation of Fraudulent Resource Consumption (FRC) attacks in multimedia cloud computing. Multimed Tools Appl 78, 4267–4298 (2019). https://doi.org/10.1007/s11042-017-5522-z

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-017-5522-z

Keywords

Search

Navigation