DeepAI AI Chat
Log In Sign Up

FIDS: Fuzzy Intrusion Detection System for simultaneous detection of DoS/DDoS attacks in Cloud computing

by   Peyman Khordadpour, et al.

In recent times, I've encountered a principle known as cloud computing, a model that simplifies user access to data and computing power on a demand basis. The main objective of cloud computing is to accommodate users' growing needs by decreasing dependence on human resources, minimizing expenses, and enhancing the speed of data access. Nevertheless, preserving security and privacy in cloud computing systems pose notable challenges. This issue arises because these systems have a distributed structure, which is susceptible to unsanctioned access - a fundamental problem. In the context of cloud computing, the provision of services on demand makes them targets for common assaults like Denial of Service (DoS) attacks, which include Economic Denial of Sustainability (EDoS) and Distributed Denial of Service (DDoS). These onslaughts can be classified into three categories: bandwidth consumption attacks, specific application attacks, and connection layer attacks. Most of the studies conducted in this arena have concentrated on a singular type of attack, with the concurrent detection of multiple DoS attacks often overlooked. This article proposes a suitable method to identify four types of assaults: HTTP, Database, TCP SYN, and DNS Flood. The aim is to present a universal algorithm that performs effectively in detecting all four attacks instead of using separate algorithms for each one. In this technique, seventeen server parameters like memory usage, CPU usage, and input/output counts are extracted and monitored for changes, identifying the failure point using the CUSUM algorithm to calculate the likelihood of each attack. Subsequently, a fuzzy neural network is employed to determine the occurrence of an attack. When compared to the Snort software, the proposed method's results show a significant improvement in the average detection rate, jumping from 57


page 6

page 7

page 8


Formal Analysis of an Authentication Protocol Against External Cloud-Based Denial-of-Service (DoS) Attack

The Denial-of-service (DoS) attack is considered one of the largest thre...

Detection of Colluded Black-hole and Grey-hole attacks in Cloud Computing

The availability of the high-capacity network, massive storage, hardware...

Evacuação de Dados em Nuvens Ópticas com base no SLA sob Cenário de Desastre

The popularization of cloud computing has provided the emergence of larg...

A Novel Framework for DDoS Detectionin Huge Scale Networks, Thanksto QoS Features

It is not been a long time since the advent of cloud-based technology. H...

Autonomic Intrusion Response in Distributed Computing using Big Data

We introduce a method for Intrusion Detection based on the classificatio...

The Greater The Power, The More Dangerous The Abuse: Facing Malicious Insiders in The Cloud

The financial crisis made companies around the world search for cheaper ...