Abstract
Cloud computing is one of the most modernized technology for the modern world. Along with the developments in the cloud infrastructure comes the risk of attacks that exploit the cloud services to exhaust the usage-based resources. A new type of general denial attack, called “economic denial of sustainability” (EDoS), exploits the pay-per-use service to scale-up resource usage normally and gradually over time, finally bankrupting a service provider. The stealthiness of EDoS has made it challenging to detect by most traditional mechanisms for the detection of denial-of-service attacks. Although some recent research has shown that multivariate time recurrent models, such as recurrent neural networks (RNN) and long short-term memory (LSTM), are effective for EDoS detection, they have some limitations, such as a long processing time and information loss. Therefore, an efficient EDoS detection scheme is proposed, which utilizes an attention technique. The proposed attention technique mimics cognitive attention, which enhances the critical features of the input data and fades out the rest. This reduces the feature selection processing time by calculating the query, key and value scores for the network packets. During the EDoS attack, the values of network features change over time. The proposed scheme inspects the changes of the attention scores between packets and between features, which can help the classification modules distinguish the attack flows from network flows. On another hand, our proposal scheme speeds up the processing time for the detection system in the cloud. This advantage benefits the detection process, but the risk of the EDoS is serious as long as the detection time is delayed. Comprehensive experiments showed that the proposed scheme can enhance the detection accuracy by 98%, and the computational speed is 60% faster compared to previous techniques on the available datasets, such as KDD, CICIDS, and a dataset that emerged from the testbed. Our proposed work is not only beneficial to the detection system in cloud computing, but can also be enlarged to be better with higher quality of training and technologies.
Highlights
The virtual firewalls (VFs) work by filtering mechanisms that allow the packets originating from the whitelist Internet Protocol (IP) addresses to pass and dropping other packets originating from blacklist IP addresses
To distributed denial-of-service (DDoS) attacks, in economic denial of sustainability” (EDoS) attacks, the network systems are attacked by many botnets that are spoofed by attackers
The whitelist is used to track the authenticated source IP addresses that are in benign flow as decided by the trained model, and the blacklist is used to hold those unauthenticated source IP addresses that indicate EDoS flow attacks, which are excluded from the service and the incoming packet flows are dropped
Summary
In the past few years, cloud computing has been one of the fastest growing technologies of the IT industry. DoS attacks aim to bankrupt the service provider They can remain stealthy for a long time while wasting the cloud resource and deceiving most existing DoS defense threshold-based mechanisms. The recurrent neural network (RNN) is a model for the sequence input that can successfully detect DoS attacks [11] Another RNN scheme [12], called the long short-term memory (LSTM) model which can solve the vanishing gradient problem of RNNs by an internal mechanism called “memory gates” that can regulate the flow of the input sequence. The time delay in model training is significant, especially when the input is long These shortcomings of the recurrent models make them inefficient for processing the sequence data as EDoS data. To overcome the limitation in the time delay of recurrent models and increase the accuracy of EDoS detection, a new designed scheme is proposed
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
