An exponent based error detection mechanism against DXDOS attack for improving the security in cloud

Abstract

Providing security to Cloud against the harmful attacks is an important and essential thing in recent days. Because, there are lot of attacks intend to affect the performance of data transmission in Cloud. Specifically, the extensible markup language-denial of service (XML-DoS) cause the severe damage to Cloud, which misuses the protocols for injecting the attack packets and disturbing the protocol handlers. So, this type of attack must be detected for enabling a reliable and secure service delivery in Cloud. For this purpose, the traditional works developed various attack detection mechanisms for identifying and blocking the XML-DoS attacks, but it lacks with the limitations of increased computation overhead, reduced detection accuracy, and inefficient classification. To solve these issues, this paper aims to develop a new attack detection framework based on the XML schema. The stages that involved in this work are, pattern validation, traffic extraction, error classification, and IP traceback. At first, the individual users transmit the packets to the routers, then the packet marking is performed based on the router IP. After that, the patterns of the packets are validated, if it is valid, the distinct IP is counted for IP matching. Consequently, the time sequence Tsallis entropy, source IP Tsallis entropy, and Lyapunov exponent are estimated. Based on the estimated exponent value, the error is classified as the chaotic or non-chaotic. Finally, the bee colony algorithm is implemented to perform the IP traceback, which takes the appropriate decision for blocking the attacker packets from the particular server. In experiments, the performance of the proposed method is evaluated by using various performance measures. Also, the superiority of the proposed system is proved by comparing it with the existing techniques.