Security Issues in Cloud Computing Solution of DDOS and Introducing Two-Tier CAPTCHA

Abstract

Cloud computing is simply a metaphor for the internet. User does not requiredknowledge, control, and ownership in the computer infrastructure.User simply access or rent the software and paying only for what they use. Advantage of cloud computing is huge like Broad network access, Cost effectiveness, Rapid elasticity, Measured services, On -Demand service, Resource pooling , Location independence, Reliability, Energy saving and so on. But its global phenomenon that everything in this world has advantage as well as disadvantage, cloud computing also suffering from some drawback like security & privacy, Internet Dependency, Availability, And Current Enterprise Applications Can't Be Migrated Easily. I conclude that security is biggest hurdle in wide acceptance of cloud computing. U ser of cloud services are in fear of data loss, security and a vailability issues. At virtual level DDOS (Distributed Denial of Service Attack)is biggest threat of availability in cloud computing. In Denial of service attack an attacker prevent legitimate users of service from using the desired resources by flood a network or by consuming bandwidth .So authentication is need to distinguish legitimated clients from malicious clien ts, which can be performed through strong cryptographic verification (for a private server) or graphical Turing tests (for a public server). Where the authentication is performed by Graphical Turing Tests, which is widely used to distinguish human users from robots through their reaction. On the other hand, CAPTCHA (Completely Automated Public Turing Tests to Tell Computers and Humans Apart) is used for Graphical Turing Test. There are many OCR or Non -OCR based CAPTCHA’s are used widely but they are vulnerable to many attacks likePixel-Count Attack, Recognition by using OCR, Dictionary Attack, and Vertical Segmentation. This paper introduces a new CAPTCHA method called Two-Tier CAPTCHA.In this method CLAD node need to generate two things,first a alphanumeric CAPTCHA code with image. Second Query related to that CAPTCHA code. E.g. enter only Digit’s .We can increase the rate of its difficulty in order to improve its resistance against the attacks by ad ding more and more query and combination in database.The algorithm of this method makes it hard for bot programs which mean that it is more secure.This project has been implemented byASP.NET and PHP Language.