Performance assessment of hybrid MTD for DoS mitigation in public cloud

Abstract

The massive features of cloud computing makes it as an attractive target in today's business community. Public cloud draws immediate attention among individuals, organizations due to its pay-as-you-go model. Security, reliability, and regulatory compliance are the principal key concerns in the public cloud environment as its success relies merely on addressing those concerns. Denial of Service (DoS) attack is one of the major attack categories in the cloud. Despite the emergence of automated and advanced attack control measures in place, the blooming and morphing nature of DoS attacks are truly devastative in disrupting the service availability. Moving Target Defense (MTD) is an emerging technique to achieve the diversity criterion for improving the network resiliency against DoS. The prominent solution against DoS mitigation could be achieved using a combination of MTD strategies for increased uncertainty. Hence, the proposed technique combines the shuffle, diversity, and redundancy strategies of MTD which yields increased uncertainty, reduced attack probability values, and early attack detection with Access Control List (ACL) rules. 0.1% is the attack probability value achieved based on experimental simulations in the Amazon Web Service (AWS) environment.