The impact and mitigation of ICMP based economic denial of sustainability attack in cloud computing environment using software defined network

Abstract

High availability in network services is a crucial requirement for quality of experience. Denial of Service (DoS) and Distribute Denial of Service (DDoS) attacks are under contemplation by many researchers across the globe because these attacks directly target services availability. For this reason, cloud providers use the auto-scaling feature in Cloud Computing Environments (CCE), in which cloud resources scale dynamically on demand. DoS/DDoS attacks on CCE, using auto-scaling, do not deny services but cause high resource usage and substantial financial damages that become an Economic Denial of Sustainability (EDOS) attack. One of the DoS/DDoS attacks, resulting EDOS attack is the Internet Control Messaging Protocol (ICMP) flooding attack. In this paper, a novel technique, ICMP detection and mitigation model (EDOS-IDM) is proposed that can detect and mitigate Volumetric and Normal Behavioral ICMP traffic attacks. The results from the proposed technique are compared with the Normal Behavioral ICMP traffic attack because it causes least resource usage among all the mitigation techniques. According to our study, there is no such technique that can handle normal behavioral ICMP traffic attack. The technique is practically tested and evaluated on OpenStack production Cloud Environment test bed. According to the results, the technique is proved to save extra resource consumption and customer's bills in a cloud computing environment.