File(s) not publicly available

Classifying different denial-of-service attacks in cloud computing using rule-based learning

From traditional networking to cloud computing, one of the essential but formidable tasks is to detect cyber attacks and their types. A cloud provider’s unwillingness to share security-related data with its clients adds to the difficulty of detection by a cloud customer. The research contributions in this paper are twofold. First, an investigative survey on cloud computing is conducted with the main focus on gaps that are hindering cloud adoption, accompanied by a review of the threat remediation challenges. Second, some thoughts are constructed on novel approaches to address some of the widely discussed denial-of-service (DoS) attack types by using machine learning techniques. We evaluate the techniques’ performances by using statistical ranking-based methods, and find the rule-based learning technique C4.5, from a set of popular learning algorithms, as an efficient tool to classify various DoS attacks in the cloud platform. The novelty of our rather rigorous analysis is in its ability to identify insider’s activities and other DoS attacks by using performance data. The reason for using performance data rather than traditional logs and security-related data is that the performance data can be collected by the customers themselves without any help from cloud providers. To the best of our knowledge, no one has made such attempts before. Our findings and thoughts captured through a series of experiments in our constructed cloud server are expected to give researchers, cloud providers and customers additional insight and tools to proactively protect themselves from known or perhaps even unknown security issues that have similar patterns.

History

Volume

2

Issue

11

Start Page

1235

End Page

1247

Number of Pages

13

ISSN

1939-0114

Location

United States

Publisher

John Wiley & Sons, Ltd.

Language

en-aus

Peer Reviewed

Yes

Open Access

No

External Author Affiliations

Faculty of Arts, Business, Informatics and Education; Not affiliated to a Research Institute;

Era Eligible

Yes

Journal

Security and communication networks.