Distributed denial of service attacks in cloud: State-of-the-art of scientific and commercial solutions

Abstract

Cloud computing model provides on demand, elastic and fully managed computer system resources and services to organizations. However, attacks on cloud components can cause inestimable losses to cloud service providers and cloud users. One such category of attacks is the Distributed Denial of Service (DDoS), which can have serious consequences including impaired customer experience, service outage and in severe cases, complete shutdown and total economic unsustainability. Advances in Internet of Things (IoT) and network connectivity have inadvertently facilitated launch of DDoS attacks which have increased in volume, frequency and intensity. Recent DDoS attacks involving new attack vectors and strategies, have precipitated the need for this survey.In this survey, we mainly focus on finding the gaps, as well as bridging those gaps between the future potential DDoS attacks and state-of-the-art scientific and commercial DDoS attack defending solutions. It seeks to highlight the need for a comprehensive detection approach by presenting the recent threat landscape and major cloud attack incidents, estimates of future DDoS, illustrative use cases, commercial DDoS solutions, and the laws governing DDoS attacks in different nations. An up-to-date survey of DDoS detection methods, particularly anomaly based detection, available research tools, platforms and datasets, has been given. This paper further explores the use of machine learning methods for detection of DDoS attacks and investigates features, strengths, weaknesses, tools, datasets, and evaluates results of the methods in the context of the cloud. A summary comparison of statistical, machine learning and hybrid methods has been brought forth based on detailed analysis. This paper is intended to serve as a ready reference for the research community to develop effective and innovative detection mechanisms for forthcoming DDoS attacks in the cloud environment. It will also sensitize cloud users and providers to the urgent need to invest in deployment of DDoS detection mechanisms to secure their assets.