Abstract
Many organizations and service providers have started shifting from traditional server-cluster infrastructure to cloud-based infrastructure. The threat of Distributed Denial of Service (DDoS) attack continues to wreak havoc in these cloud infrastructures. In addition to DDoS attacks, a new form of attack known as Economic Denial of Sustainability (EDoS) attack has emerged in recent years. EDoS which is unique to cloud infrastructure may not be easily detected as with DDoS. Although EDoS attack is small at the moment, it is expected to grow in the near future in tandem with the growth in cloud usage. As EDoS has a major impact economically, it can considered to be more serious than DDoS and many defence and mitigation mechanisms have been proposed to combat these attacks. This paper introduces EDoS and how it differs from DDoS. The existing mitigation techniques are described and the drawbacks of these techniques are explained.
Highlights
Cloud Computing (CC) brings the paradigm shift in distributed computing community
We introduce the concept of Economic Denial of Sustainability (EDoS) and how it differs from Distributed Denial of Service (DDoS) followed by a critical review of existing mitigation techniques that can be used to combat these attacks
EDoS Armor works by defining number of clients that can send requests and the prioritized clients based on the activity and type of resources they access
Summary
Cloud Computing (CC) brings the paradigm shift in distributed computing community. According to IDC survey (Gens, 2009), It is evident that people are more concern about security in cloud computing. CloudWatch (CloudWatch, 2013) is professional service from Amazon to reduce the impact of the EDoS attacks by providing monitoring service for cloud resources, which enable organisations to define upper limits to the elastic resource utilization of their cloud infrastructure This is an inefficient solution against the EDoS as user can still be charged for over utilization in case of DDoS attempt. EDoS Armor works by defining number of clients that can send requests and the prioritized clients based on the activity and type of resources they access This method provides the network rate limiting which is good for internal use of organisations. You can limit the connection from specific network but it creates overheads in port translation, generating challenge for authentication and in verification of trusted node and prioritizing them This method use the packet marking and trace back mechanism to shield from the application level XML based DoS attack. It does not provide any protection if attack originated from the whitelisted host
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
