An anomaly based approach for DDoS attacks detection in cloud environment
Other Title(s)
نموذج لاكتشاف هجومات الحرمان من الخدمة في بيئة الحوسبة السحابية
Dissertant
al-Hawawrih, Muna Sulayman Ali
Thesis advisor
Comitee Members
al-Nuaymat, Ghazi Muhammad
Hammad, Mustafa Muhammad
al-Nabhan, Muhammad
University
Mutah University
Faculty
Information Technology College
Department
Computer Science Department
University Country
Jordan
Degree
Master
Degree Date
2016
English Abstract
Cloud computing has been the biggest Information Technology and industry buzzword in recent years, and will continue to be so for the foreseeable future.
It has drawn significant attention from researchers due to its widespread application and substantial benefits.
Because of its distributed nature–specifically, using virtualization, multi-tenant and their reliance on the Internet to provide their services, security poses a major threat to cloud computing.
Currently, an insider Distributed Denial of Service (DDoS) attack is the biggest challenge for a cloud environment, where the unavailability of services and connectivity issues in the cloud can deactivate the services, which takes an immense toll in terms of business and financial losses for consumers.
Hence, to protect the cloud environment–in particular, the virtual environment–from DDoS activities, we need more than a traditional defense mechanism such as firewalls, which sniff the network packets at the boundary of the network to detect and prevent the attacks from entering the network, but are incapable of detecting insider attacks.
Intrusion Detection Systems (IDS) are an important key to cloud infrastructure security.
This work proposes an anomaly intrusion detection approach in the hypervisor layer to discourage DDoS activities between virtual machines.
The proposed approach is implemented by the evolutionary neural network, which integrates the particle swarm optimization with neural network for detection and classification of the traffic that is exchanged between virtual machines.
Here, the particle swarm optimization is used to choose the optimal weights for neural network to achieve a high accuracy.
Our aim is to ensure the feasibility of the proposed model in detecting DDoS attacks in the virtual cloud.
Seeing as there is currently no available dataset for testing and validating the cloud intrusion detection system, in this work, a new dataset that contains two types of popular DDoS attacks, TCP-SYN and UDP flood attacks are generated.
The performance analysis and results showed that the proposed intrusion detection approach achieved a high accuracy rate, with the best performance being 99.99%, and a false alarm rate of only 0.01%.
Main Subjects
Information Technology and Computer Science
No. of Pages
89
Table of Contents
Table of contents.
Abstract.
Abstract in Arabic.
Chapter One : Introduction
Chapter Two : Literature review.
Chapter Three : Design and methodology.
Chapter Four : Experiment discussion, conclusion and recommendations.
References.
American Psychological Association (APA)
al-Hawawrih, Muna Sulayman Ali. (2016). An anomaly based approach for DDoS attacks detection in cloud environment. (Master's theses Theses and Dissertations Master). Mutah University, Jordan
https://search.emarefa.net/detail/BIM-749331
Modern Language Association (MLA)
al-Hawawrih, Muna Sulayman Ali. An anomaly based approach for DDoS attacks detection in cloud environment. (Master's theses Theses and Dissertations Master). Mutah University. (2016).
https://search.emarefa.net/detail/BIM-749331
American Medical Association (AMA)
al-Hawawrih, Muna Sulayman Ali. (2016). An anomaly based approach for DDoS attacks detection in cloud environment. (Master's theses Theses and Dissertations Master). Mutah University, Jordan
https://search.emarefa.net/detail/BIM-749331
Language
English
Data Type
Arab Theses
Record ID
BIM-749331