A Survey on DDoS Prevention, Detection, and Traceback in Cloud

Abstract

Distributed Denial of Service (DDoS) ranks among the top ten threats to the cloud computing environment. DDoS mainly targets limited resources of cloud like bandwidth and CPU thereby denying access to legitimate clients. DDoS attacks are initiated by a vast network of remotely controlled nodes called zombies. New forms of DDoS are invented every day. Therefore, DDoS preventive measures do not fully guarantee its mitigation. Detecting an attack and defending it as early as possible is critical for reducing the attack impact. The real solution to mitigate any attack is tracing back the attacker and punishing him. However, a real attacker will masquerade his identity using a spoofed address to avoid being traced back. The routing mechanism used on the internet does not have any memory of its own making traceback further difficult. Many businesses are reluctant to enter the cloud due to these DDoS vulnerabilities of the cloud. DDoS will affect network performance and may disrupt configuration information available in the system. In the event of DDoS, businesses will have to suffer reputation damage, customer agitation, and legal repercussions. Unless cloud is made secure, we cannot benefit from its full potential. Research on DDoS attacks and defense is in its infancy. DDoS defense and traceback is still an open and challenging problem. This paper presents basic types of DDoS and focuses more on DDoS prevention, detection, and traceback techniques.