Optimal load distribution for the detection of VM-based DDoS attacks in the cloud

LAUR Repository

Show simple item record

dc.contributor.author Abdel Wahab, Omar
dc.contributor.author Bentahar, Jamal
dc.contributor.author Otrok, Hadi
dc.contributor.author Mourad, Azzam
dc.date.accessioned 2018-08-14T08:36:39Z
dc.date.available 2018-08-14T08:36:39Z
dc.date.copyright 2020 en_US
dc.identifier.issn 1939-1374 en_US
dc.identifier.uri http://hdl.handle.net/10725/8317
dc.description.abstract Distributed Denial of Service (DDoS) constitutes a major threat against cloud systems owing to the large financial losses it incurs. This motivated the security research community to investigate numerous detection techniques to limit such attack's effects. Yet, the existing solutions are still not mature enough to satisfy a cloud-dedicated detection system's requirements since they overlook the attacker's wily strategies that exploit the cloud's elastic and multi-tenant properties, and ignore the cloud system's resources constraints. Motivated by this fact, we propose a two-fold solution that allows, first, the hypervisor to establish credible trust relationships toward guest Virtual Machines (VMs) by considering objective and subjective trust sources and employing Bayesian inference to aggregate them. On top of the trust model, we design a trust-based maximin game between DDoS attackers trying to minimize the cloud system's detection and hypervisor trying to maximize this minimization under limited budget of resources. The game solution guides the hypervisor to determine the optimal detection load distribution among VMs in real-time that maximizes DDoS attacks’ detection. Experimental results reveal that our solution maximizes attacks’ detection, decreases false positives and negatives, and minimizes CPU, memory and bandwidth consumption during DDoS attacks compared to the existing detection load distribution techniques. en_US
dc.language.iso en en_US
dc.title Optimal load distribution for the detection of VM-based DDoS attacks in the cloud en_US
dc.type Article en_US
dc.description.version Published en_US
dc.author.school SAS en_US
dc.author.idnumber 200904853 en_US
dc.author.department Computer Science and Mathematics en_US
dc.description.embargo N/A en_US
dc.relation.journal IEEE Transactions on Services Computing en_US
dc.journal.volume 13 en_US
dc.journal.issue 1 en_US
dc.article.pages 114-129 en_US
dc.keywords Security en_US
dc.keywords Detection load distribution en_US
dc.keywords Distributed denial of service (DDoS) en_US
dc.keywords Cloud computing en_US
dc.keywords Trust en_US
dc.keywords Game theory en_US
dc.keywords Virtualization en_US
dc.identifier.doi http://dx.doi.org/10.1109/TSC.2017.2694426 en_US
dc.identifier.ctation Wahab, O. A., Bentahar, J., Otrok, H., & Mourad, A. (2020). Optimal load distribution for the detection of VM-based DDoS attacks in the cloud. IEEE Transactions on Services Computing, 13 (1), 114-129. en_US
dc.author.email azzam.mourad@lau.edu.lb en_US
dc.identifier.tou http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php en_US
dc.identifier.url http://ku7rj9xt8c.scholar.serialssolutions.com/?sid=google&auinit=OA&aulast=Wahab&atitle=Optimal+load+distribution+for+the+detection+of+VM-based+DDoS+attacks+in+the+cloud&id=doi:10.1109/TSC.2017.2694426 en_US
dc.orcid.id https://orcid.org/0000-0001-9434-5322 en_US
dc.publication.date 2017 en_US
dc.author.affiliation Lebanese American University en_US

Files in this item

Files Size Format View

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record

Search LAUR

Advanced Search


My Account