DDOS Attack on Cloud
SWASTIK JENA(B19CS033)
MD SHAIM KIBRIA(B19CS030)
IFTEKHAR MAHMOOD ANIM(B19CS032)
Layers in a Cloud Platform
1) Infrastructure as a Service (IaaS)
● The basic layer of the cloud is the infrastructure – IaaS (Infrastructure as a Service).
● This layer is basically hardware and network. What distinguishes it from a regular server or hosting company is mainly
two things: scalability and virtualisation.
● The second difference from traditional hosting is virtualisation. This is a piece of software that virtualises all the hardware.
Virtualisation lets the IaaS vendor utilise their computing resources to as high as 90 %, compared to an individual company
having their own servers idle most of the time.
2) Platform as a Service (PaaS)
● The second layer of the cloud is the platform –
the PaaS (Platform as a service). The platform
layer provides resources to actually build
applications.
● In combination with IaaS, PaaS provides the
ability to develop, test, run, and host
applications.
● The platform layer opens up for third parties to
add their software (or integrations) to a cloud
service.
● An example of a well-known PaaS is Microsoft
Azure. This platform provides developers with
swift access to a full development and
deployment environment and even lets you host
the application you are building.
3) Software as a Service (SaaS)
● The third cloud layer is the actual Software (application layer) – the
SaaS (Software as a service). SaaS has been used for many years, but
in a Cloud setting, it is the layer in which the user consumes the offering
from the service provider.
● The SaaS layer must be web-based and hence accessible from
everywhere and preferably on any device. The key is to understand that
it makes no sense to ask whether a service is cloud or SaaS, as SaaS is
a layer in the cloud stack.
● On the other hand, it is important to understand that cloud is much more
than SaaS, due to the other layers that, bundled together, make up the
whole cloud stack.
Business Process Outsourcing (BPO)
● The top layer of the cloud is Business Process Outsourcing (BPO). As
BPO is not technology, there are discussions about whether BPO can
be regarded as a cloud layer. But the cloud is more about business
models and not technology.
● Whereas the other layers of the cloud are concerned with consuming
services from a vendor, BPO is about outsourcing services to a vendor
and hence the same logic applies as the other layers.
Classification of DDoS Attacks:
All forms of attack fall under these two categories:
1) Connection-based attack: This type of attack is carried out
through an established connection between a client and a server using
certain connection-oriented protocols.
2) Connection-less attack: An attack that doesn’t require a standard
protocol-based session. Connection-less means that no session needs to
be formally established before a server can send “data packets” (the
basic unit of communication information transferred over a digital
network) to a client.
Major Types of Attack
1) Volumetric Attack: The specific goal of this type of attack is to
congest the line with data packets until the available bandwidth is
overwhelmed. Most of these attacks are executed using botnets. A botnet
is a group of agent handlers in a DDoS attack that provides the attacker
with the ability to wage a much larger and more wild attack than a DoS
attack while remaining anonymous on the Internet. It is measured by the
number of received bits per second (bps).
2) Protocol Attack: In general, this type of attack focuses on
actual web/DNS/FTP servers, core routers and switches, firewall
devices and LBs (load balancers), disrupting well-established
connections and exhausting the limited number of concurrent sessions
on the device. It is measured by the number of received packets per
second (PPS).
3) Application Layer Attack: Also known as connection-oriented
attacks. Application attacks occur at Layer 7 of the OSI model.
Most applications are vulnerable because they contain many loopholes.
This type of attack is hard to detect because these sophisticated
threats are generated from a limited number of attack machines and
produce only a low traffic rate that appears legitimate to the victim.
It is measured by the number of received requests per second (RPS).
How Volumetric Attacks Work On Cloud
● Botnets: Attackers use a network of compromised computers, also
known as a botnet, to flood the target cloud platform with a high
volume of traffic, data or requests.
● Amplification: Attackers may also use amplification techniques to
increase the volume of traffic being sent to the cloud platform.
● Application Layer: In some cases, attackers may target specific
applications running on the cloud platform, rather than the entire
platform.
● Mirai and IoT Devices: One of the most notorious volumetric attacks
in recent years was carried out by the Mirai botnet.
Impact of Volumetric Attack on Cloud Platforms
● Downtime: A volumetric attack can cause a cloud platform to become
overloaded, leading to downtime.
● Slowdown: Even if the platform doesn't go down completely, a
volumetric attack can still slow it down.
● Increased Costs: A volumetric attack can cause an increase in costs
for cloud platforms.
● Data Loss: In some cases, a volumetric attack can result in data loss.
● Reputation Damage: A volumetric attack can also damage the
How Protocol Attacks Work On Cloud
● Protocol Exploitation: The attacker identifies vulnerabilities in the
protocols used by the cloud platform, such as TCP/IP or HTTP, and
exploits them to gain unauthorized access to the system.
● Packet Injection: The attacker sends packets of data to the cloud
system that contain malicious code or commands designed to
compromise the system or steal sensitive data.
● Man-in-the-Middle (MITM) Attack: The attacker intercepts the
communication between the cloud platform and its users, allowing
them to eavesdrop on the data being transferred or modify it for their
own purposes.
● DNS Spoofing: The attacker modifies the Domain Name System
(DNS) records used by the cloud platform, redirecting traffic to a fake
website or server under the attacker's control.
Impact of Protocol Attack on Cloud Platforms
● Service Disruption: Protocol attacks can disrupt the normal
functioning of cloud services by causing delays or service outages.
● Data Breaches: Protocol attacks can be used to gain unauthorized
access to sensitive data stored on cloud platforms.
● Resource Exhaustion: Protocol attacks can consume the computing
resources of cloud platforms, such as CPU, memory, and bandwidth,
resulting in denial-of-service (DoS) attacks.
How Application Layer Attacks Work On Cloud
● Malicious Requests: The attacker floods the cloud platform with
requests to overwhelm the application layer. These requests may look
real, making them hard to spot.
● Protocol Manipulation: By manipulating cloud platform protocols
like HTTP or HTTPS, the attacker exploits application layer
vulnerabilities.
● Session Hijacking: An attacker hijacks a user session to access the
cloud platform. The attacker can change data, steal sensitive
information, or commit other crimes.
● Distributed Application Layer Attacks: A botnet is used to attack the
cloud platform's application layer. This can cause serious damage.
● Brute Force Attacks: The attacker frequently guesses passwords or
other authentication credentials to access the cloud platform.
Impact of Application Layer Attack on Cloud Platforms
● Service Interruptions: Cloud platforms can be downed by application
layer attacks. Productivity, revenue, and consumer confidence can
suffer.
● Breach of Information: Application layer attacks can undermine
cloud data privacy and integrity. Attackers can intercept, change, or
steal data, causing financial, legal, and reputational harm.
● Loss of Credibility: Application layer attacks can tarnish cloud
platforms. Downtime, data breaches, and other security issues can
damage customer trust and income.
TECHNIQUES FOR MONITORING TRAFFIC
● Network traffic monitoring: This technique involves analyzing
network traffic to identify unusual patterns, such as an
unusually high volume of traffic from a particular IP address or
network.
● Anomaly detection: This technique involves using machine
learning algorithms to identify abnormal traffic patterns. The
system learns what "normal" traffic looks like and then raises
an alert when it detects traffic that deviates significantly from
the norm.
● Signature-based detection: This technique involves using
predefined signatures to detect known DDoS attack methods.
The system looks for specific patterns in the traffic that match
the signature of a known attack.
● Behavioral analysis: This technique involves monitoring the
behavior of individual users or devices to detect unusual
activity.
● Flow-based analysis: This technique involves analyzing network
flows to identify patterns that are indicative of DDoS attacks.
● Packet inspection: This technique involves analyzing the
contents of individual packets to identify malicious traffic.
NETWORK TRAFFIC ANALYSIS
● An increase in traffic volume: DDoS attacks typically involve a large
volume of traffic directed at a target website or server. By monitoring
network traffic, it is possible to detect sudden increases in traffic
volume that may indicate a DDoS attack.
● An increase in traffic from a specific IP address or network: DDoS
attacks often use multiple compromised devices or computers to
generate traffic. By monitoring network traffic, it is possible to detect
sudden increases in traffic from a particular IP address or network
that may indicate a DDoS attack.
● An increase in traffic from a specific port: DDoS attacks often target
specific ports used by web servers or other online services. By
monitoring network traffic, it is possible to detect sudden increases
in traffic to a particular port that may indicate a DDoS attack.
● An increase in traffic with a specific protocol: DDoS attacks often
use specific protocols to generate traffic. By monitoring network
traffic, it is possible to detect sudden increases in traffic using a
particular protocol that may indicate a DDoS attack.
ANOMALY DETECTION
● Establishing a baseline: Before anomaly detection can be
used to detect potential DDoS attacks, a baseline of normal
network behavior needs to be established. This baseline is
typically created by analyzing network traffic over a period of
time and identifying normal traffic patterns.
● Identifying anomalies: Once a baseline of normal network
behavior has been established, it is possible to identify
anomalies in network traffic. Anomalies may include sudden
spikes in traffic volume, unusual traffic patterns, or traffic from
suspicious IP addresses or networks.
● Analyzing anomalies: Once anomalies have been identified,
they need to be analyzed to determine whether they represent
potential DDoS attacks. This may involve comparing anomalies
to known DDoS attack patterns, analyzing the source and
destination of traffic, and determining whether traffic is
consistent with normal user behavior.
● Responding to anomalies: Once potential DDoS attacks have
been identified, appropriate action needs to be taken to mitigate
them. This may include blocking traffic from suspicious IP
addresses or networks, redirecting traffic to other servers, or
deploying additional resources to handle increased traffic
volume.
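The baseline and anomaly steps above, applied to the four traffic dimensions listed under Network Traffic Analysis (total volume, source, port, protocol), as an added example that is not part of the original slides. The flow-record layout, function names, thresholds and documentation-range addresses are assumptions, and the sample flows are constructed.

```python
from collections import Counter
from statistics import mean, pstdev

# Assumed flow record layout: (window, src_ip, dst_port, protocol, bytes)

def aggregate(flows):
    """Sum bytes per time window for each monitored (dimension, value) key."""
    windows = {}
    for window, src, port, proto, nbytes in flows:
        counts = windows.setdefault(window, Counter())
        for key in (("total", "*"), ("src", src), ("port", port), ("proto", proto)):
            counts[key] += nbytes
    return windows

def build_baseline(windows):
    """Establish the baseline: mean and standard deviation per key."""
    keys = set().union(*windows.values())
    return {
        key: (mean(series), pstdev(series))
        for key in keys
        for series in [[counts[key] for counts in windows.values()]]
    }

def detect(baseline, counts, z=3.0, rel_floor=0.1, abs_floor=500):
    """Identify anomalies: keys whose volume exceeds mean + z * spread.

    The floors keep keys with little or no history (a new source, a
    perfectly steady port) from alerting on tiny fluctuations.
    """
    anomalies = {}
    for key, observed in counts.items():
        mu, sigma = baseline.get(key, (0.0, 0.0))
        threshold = mu + z * max(sigma, rel_floor * mu, abs_floor)
        if observed > threshold:
            anomalies[key] = (observed, round(threshold))
    return anomalies

def normal_flows(window):
    """Constructed 'normal' traffic: four HTTPS clients and one DNS lookup."""
    flows = [
        (window, f"198.51.100.{10 + i}", 443, "tcp", 1000 + 50 * ((window + i) % 3))
        for i in range(4)
    ]
    flows.append((window, "198.51.100.10", 53, "udp", 200))
    return flows

BASELINE = build_baseline(aggregate([f for w in range(6) for f in normal_flows(w)]))

def check(window_flows):
    """Run detection on the flows of a single window."""
    (counts,) = aggregate(window_flows).values()
    return detect(BASELINE, counts)

# Constructed spike from one source: 40 flows of 1500 bytes to UDP/53.
SINGLE_SOURCE = normal_flows(6) + [(6, "203.0.113.7", 53, "udp", 1500)] * 40

# Constructed distributed spike: 60 sources, each below the per-source threshold.
DISTRIBUTED = normal_flows(7) + [
    (7, f"203.0.113.{i}", 53, "udp", 1000) for i in range(1, 61)
]

if __name__ == "__main__":
    for name, flows in (("single source", SINGLE_SOURCE),
                        ("distributed", DISTRIBUTED),
                        ("normal", normal_flows(8))):
        print(name)
        for key, (observed, threshold) in sorted(check(flows).items(), key=str):
            print(f"  {key}: {observed} bytes > threshold {threshold}")
```

In the distributed window no single source crosses its threshold, yet the port, protocol and total counters all do, which is why per-source monitoring alone is not enough.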
INCIDENT RESPONSE
❖ Detection: The first step in incident response is to detect the
DDoS attack.
❖ Notification: Once a DDoS attack has been detected, it is
important to notify relevant stakeholders, such as IT staff,
security personnel, and business leaders, about the attack.
❖ Assessment: After notification, an assessment of the DDoS
attack should be carried out to determine the nature and scope
of the attack.
❖ Mitigation: Once the DDoS attack has been assessed,
appropriate mitigation measures should be implemented.
❖ Monitoring: After mitigation, it is important to continue
monitoring the network for any signs of continued DDoS
activity. This may involve ongoing traffic analysis and
monitoring, as well as regular security audits and testing.
❖ Analysis: After the attack has been mitigated, a post-incident
analysis should be carried out to identify any weaknesses in the
organization's security posture and incident response
capabilities, and to develop a plan to address these
weaknesses.
CLOUD DDOS MITIGATION
This cloud DDoS mitigation service uses over 20 different mitigation
and analysis technologies, but the main forms of defence can be
broken down into two main key areas:
Proxy Protection Service –
This is a DNS redirection on-demand service for HTTP/HTTPS traffic
that provides rapid DDoS protection when your domain or website is
under attack. When deployed, traffic from your domain is attracted to
the nearest online scrubbing centre where it is either verified and
passed through, or silently terminated, depending on the legitimacy of
the traffic. The service provider acts as an intermediary for all
communication during a period of attack. Patterns of traffic are
analysed and managed across a common profile of all customers to
optimise the service’s performance. A simple remapping of the DNS name
to IP address is all that is required to set this solution up.
Routed Protection Service –
This is a routing service that provides
complete protection of all forms of IP traffic, not just HTTP/HTTPS.
Services and routers are connected via a virtual tunnel. BGP is
used to communicate network routes from you to the service provider,
which then uses this information to activate or deactivate the service
as needed. When there is an attack and the service is active, your
network routes are advertised to the service provider, which then attracts
all incoming traffic bound for your network towards the nearest
global scrubbing centre. Traffic is then cleaned and forwarded over
the virtual tunnel. Traffic outbound from your sites is sent out over
your normal upstream ISPs, minimising the impact to your normal
traffic patterns. Larger volume sites can make use of a dedicated MPLS
connection to the service.
DDOS Attack on Cloud Platforms.pptx

More Related Content

Similar to DDOS Attack on Cloud Platforms.pptx

Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!PriyadharshiniHemaku
 
IRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET Journal
 
DDOS Attack - Gurzu Nepal
DDOS Attack - Gurzu NepalDDOS Attack - Gurzu Nepal
DDOS Attack - Gurzu NepalGurzuInc
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attackAhmed Ghazey
 
IRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud ComputingIRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud ComputingIRJET Journal
 
V1_I2_2012_Paper4.doc
V1_I2_2012_Paper4.docV1_I2_2012_Paper4.doc
V1_I2_2012_Paper4.docpraveena06
 
Detection of Distributed Denial of Service Attacks
Detection of Distributed Denial of Service AttacksDetection of Distributed Denial of Service Attacks
Detection of Distributed Denial of Service Attacksijdmtaiir
 
A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...eSAT Journals
 
A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...eSAT Publishing House
 
A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...eSAT Journals
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
Presentation1 shweta
Presentation1 shweta Presentation1 shweta
Presentation1 shweta swet4
 
Secure Android Development
Secure Android DevelopmentSecure Android Development
Secure Android DevelopmentShaul Rosenzwieg
 
IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...
IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...
IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...IRJET Journal
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacksHaltdos
 
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...IJNSA Journal
 
Paper id 41201622
Paper id 41201622Paper id 41201622
Paper id 41201622IJRAT
 
Study of flooding based ddos attacks and their effect using deter testbed
Study of flooding based ddos attacks and their effect using deter testbedStudy of flooding based ddos attacks and their effect using deter testbed
Study of flooding based ddos attacks and their effect using deter testbedeSAT Journals
 
Study of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedStudy of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedeSAT Publishing House
 

Similar to DDOS Attack on Cloud Platforms.pptx (20)

Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
 
IRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree AlgorithmIRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
IRJET- DDOS Detection System using C4.5 Decision Tree Algorithm
 
DDOS Attack - Gurzu Nepal
DDOS Attack - Gurzu NepalDDOS Attack - Gurzu Nepal
DDOS Attack - Gurzu Nepal
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
 
IRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud ComputingIRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud Computing
 
V1_I2_2012_Paper4.doc
V1_I2_2012_Paper4.docV1_I2_2012_Paper4.doc
V1_I2_2012_Paper4.doc
 
Detection of Distributed Denial of Service Attacks
Detection of Distributed Denial of Service AttacksDetection of Distributed Denial of Service Attacks
Detection of Distributed Denial of Service Attacks
 
A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...
 
A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...
 
A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...A comprehensive survey on security issues in cloud computing and data privacy...
A comprehensive survey on security issues in cloud computing and data privacy...
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
 
Presentation1 shweta
Presentation1 shweta Presentation1 shweta
Presentation1 shweta
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKS
 
Secure Android Development
Secure Android DevelopmentSecure Android Development
Secure Android Development
 
IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...
IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...
IRJET- EEDE- Extenuating EDOS for DDOS and Eluding HTTP Web based Attacks in ...
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacks
 
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
 
Paper id 41201622
Paper id 41201622Paper id 41201622
Paper id 41201622
 
Study of flooding based ddos attacks and their effect using deter testbed
Study of flooding based ddos attacks and their effect using deter testbedStudy of flooding based ddos attacks and their effect using deter testbed
Study of flooding based ddos attacks and their effect using deter testbed
 
Study of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbedStudy of flooding based d do s attacks and their effect using deter testbed
Study of flooding based d do s attacks and their effect using deter testbed
 

Recently uploaded

High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidNikhilNagaraju
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx  fake news detection using machine learningchaitra-1.pptx  fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningmisbanausheenparvam
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By  Team Orange (Dept. of Pharmacy)Software Development Life Cycle By  Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Suman Mia
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130Suhani Kapoor
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝soniya singh
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAbhinavSharma374939
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 

Recently uploaded (20)

High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx  fake news detection using machine learningchaitra-1.pptx  fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By  Team Orange (Dept. of Pharmacy)Software Development Life Cycle By  Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
 

DDOS Attack on Cloud Platforms.pptx

  • 1. DDOS Attack on Cloud
    SWASTIK JENA (B19CS033), MD SHAIM KIBRIA (B19CS030), IFTEKHAR MAHMOOD ANIM (B19CS032)
  • 2. Layers in a Cloud Platform
    1) Infrastructure as a Service (IaaS)
    ● The basic layer of the cloud is the infrastructure – IaaS (Infrastructure as a Service).
    ● This layer is basically hardware and network. What distinguishes it from a regular server or hosting company are mainly two things: scalability and virtualisation.
    ● The second difference from traditional hosting is virtualisation. This is a piece of software that virtualises all the hardware. Virtualisation lets the IaaS vendor utilise as much as 90 % of their computing resources, compared to an individual company whose own servers sit idle most of the time.
  • 3. 2) Platform as a Service (PaaS)
    ● The second layer of the cloud is the platform – the PaaS (Platform as a Service). The platform layer provides resources to actually build applications.
    ● In combination with IaaS, PaaS provides the ability to develop, test, run, and host applications.
    ● The platform layer opens up for third parties to add their software (or integrations) to a cloud service.
    ● An example of a well-known PaaS is Microsoft Azure. This platform provides developers with swift access to a full development and deployment environment and even lets you host the application you are building.
  • 4. 3) Software as a Service (SaaS)
    ● The third cloud layer is the actual software (application layer) – the SaaS (Software as a Service). SaaS has been used for many years, but in a cloud setting it is the layer in which the user consumes the offering from the service provider.
    ● The SaaS layer must be web-based and hence accessible from everywhere and preferably on any device. The key is to understand that it makes no sense to ask whether a service is cloud or SaaS, as SaaS is a layer in the cloud stack.
    ● On the other hand, it is important to understand that cloud is much more than SaaS, because of the other layers that, bundled together, make up the whole cloud stack.
    Business Process Outsourcing (BPO)
    ● The top layer of the cloud is Business Process Outsourcing (BPO). As BPO is not technology, there are discussions about whether BPO can be regarded as a cloud layer. But the cloud is more about business models and not technology.
    ● Whereas the other layers of the cloud are concerned with consuming services from a vendor, BPO is about outsourcing services to a vendor, and hence the same logic applies as for the other layers.
  • 5. Classification of DDoS Attacks
    All forms of attack fall under these two categories:
    1) Connection-based attack: This type of attack is carried out through an established connection between a client and a server, using certain connection-oriented protocols.
    2) Connection-less attack: An attack that doesn't require a standard protocol-based session to be formally established before a server can send "data packets" (typically the basic unit of communication information transferred over a digital network) to a client.
  • 6. Major Types of Attack
    1) Volumetric Attack: The specific goal of this type of attack is to congest the line with data packets so that the available bandwidth is overwhelmed. Most of these attacks are executed using botnets. A botnet is a group of agent handlers in a DDoS attack that gives the attacker the ability to wage a much larger and more disruptive attack than a DoS attack while remaining anonymous on the Internet. It is measured by the number of received bits per second (bps).
    2) Protocol Attack: In general, this type of attack focuses on actual web/DNS/FTP servers, core routers and switches, firewall devices and load balancers (LB), disrupting well-established connections and exhausting the limited number of concurrent sessions on the device. It is measured by the number of received packets per second (PPS).
    3) Application Layer Attack: It is also known as a connection-oriented attack. Application attacks occur at Layer 7 of the OSI model. Most applications are vulnerable because they contain many loopholes. This type of attack is hard to detect because these sophisticated threats are generated from a limited number of attack machines and produce only a low traffic rate that appears legitimate to the victim. It is measured by the number of received requests per second (RPS).
  • 7. How Volumetric Attacks Work On Cloud
    ● Botnets: Attackers use a network of compromised computers, also known as a botnet, to flood the target cloud platform with a high volume of traffic, data or requests.
    ● Amplification: Attackers may also use amplification techniques to increase the volume of traffic being sent to the cloud platform.
    ● Application Layer: In some cases, attackers may target specific applications running on the cloud platform, rather than the entire platform.
    ● Mirai and IoT Devices: One of the most notorious volumetric attacks in recent years was carried out by the Mirai botnet.
    Impact of Volumetric Attack on Cloud Platforms
    ● Downtime: A volumetric attack can cause a cloud platform to become overloaded, leading to downtime.
    ● Slowdown: Even if the platform doesn't go down completely, a volumetric attack can still slow it down.
    ● Increased Costs: A volumetric attack can cause an increase in costs for cloud platforms.
    ● Data Loss: In some cases, a volumetric attack can result in data loss.
    ● Reputation Damage: A volumetric attack can also damage the
  • 8. How Protocol Attacks Work On Cloud
    ● Protocol Exploitation: The attacker identifies vulnerabilities in the protocols used by the cloud platform, such as TCP/IP or HTTP, and exploits them to gain unauthorized access to the system.
    ● Packet Injection: The attacker sends packets of data to the cloud system that contain malicious code or commands designed to compromise the system or steal sensitive data.
    ● Man-in-the-Middle (MITM) Attack: The attacker intercepts the communication between the cloud platform and its users, allowing them to eavesdrop on the data being transferred or modify it for their own purposes.
    ● DNS Spoofing: The attacker modifies the Domain Name System (DNS) records used by the cloud platform, redirecting traffic to a fake website or server under the attacker's control.
    Impact of Protocol Attack on Cloud Platforms
    ● Service Disruption: Protocol attacks can disrupt the normal functioning of cloud services by causing delays or service outages.
    ● Data Breaches: Protocol attacks can be used to gain unauthorized access to sensitive data stored on cloud platforms.
    ● Resource Exhaustion: Protocol attacks can consume the computing resources of cloud platforms, such as CPU, memory, and bandwidth, resulting in denial-of-service (DoS) attacks.
  • 9. How Application Layer Attacks Work On Cloud
    ● Malicious Requests: The attacker floods the cloud platform with requests to overwhelm the application layer. These requests may look real, making them hard to spot.
    ● Protocol Manipulation: By manipulating cloud platform protocols like HTTP or HTTPS, the attacker exploits application layer vulnerabilities.
    ● Session Hijacking: An attacker hijacks a user session to access the cloud platform. The attacker can change data, steal sensitive information, or commit other crimes.
    ● Distributed Application Layer Attacks: A botnet is used to attack the cloud platform's application layer. This can cause serious damage.
    ● Brute Force Attacks: The attacker repeatedly guesses passwords or other authentication credentials to access the cloud platform.
    Impact of Application Layer Attack on Cloud Platforms
    ● Service Interruptions: Cloud platforms can be taken down by application layer attacks. Productivity, revenue, and consumer confidence can suffer.
    ● Breach of Information: Application layer attacks can undermine cloud data privacy and integrity. Attackers can intercept, change, or steal data, causing financial, legal, and reputational harm.
    ● Loss of Credibility: Application layer attacks can tarnish cloud platforms. Downtime, data breaches, and other security issues can damage customer trust and income.
  • 10. TECHNIQUES FOR MONITORING TRAFFIC
    ● Network traffic monitoring: This technique involves analyzing network traffic to identify unusual patterns, such as an unusually high volume of traffic from a particular IP address or network.
    ● Anomaly detection: This technique involves using machine learning algorithms to identify abnormal traffic patterns. The system learns what "normal" traffic looks like and then raises an alert when it detects traffic that deviates significantly from the norm.
    ● Signature-based detection: This technique involves using predefined signatures to detect known DDoS attack methods. The system looks for specific patterns in the traffic that match the signature of a known attack.
    ● Behavioral analysis: This technique involves monitoring the behavior of individual users or devices to detect unusual activity.
    ● Flow-based analysis: This technique involves analyzing network flows to identify patterns that are indicative of DDoS attacks.
    ● Packet inspection: This technique involves analyzing the contents of individual packets to identify malicious traffic.
  • 11. NETWORK TRAFFIC ANALYSIS
    ● An increase in traffic volume: DDoS attacks typically involve a large volume of traffic directed at a target website or server. By monitoring network traffic, it is possible to detect sudden increases in traffic volume that may indicate a DDoS attack.
    ● An increase in traffic from a specific IP address or network: DDoS attacks often use multiple compromised devices or computers to generate traffic. By monitoring network traffic, it is possible to detect sudden increases in traffic from a particular IP address or network that may indicate a DDoS attack.
    ● An increase in traffic from a specific port: DDoS attacks often target specific ports used by web servers or other online services. By monitoring network traffic, it is possible to detect sudden increases in traffic to a particular port that may indicate a DDoS attack.
    ● An increase in traffic with a specific protocol: DDoS attacks often use specific protocols to generate traffic. By monitoring network traffic, it is possible to detect sudden increases in traffic using a particular protocol that may indicate a DDoS attack.
  • 12. ANOMALY DETECTION
    ● Establishing a baseline: Before anomaly detection can be used to detect potential DDoS attacks, a baseline of normal network behavior needs to be established. This baseline is typically created by analyzing network traffic over a period of time and identifying normal traffic patterns.
    ● Identifying anomalies: Once a baseline of normal network behavior has been established, it is possible to identify anomalies in network traffic. Anomalies may include sudden spikes in traffic volume, unusual traffic patterns, or traffic from suspicious IP addresses or networks.
    ● Analyzing anomalies: Once anomalies have been identified, they need to be analyzed to determine whether they represent potential DDoS attacks. This may involve comparing anomalies to known DDoS attack patterns, analyzing the source and destination of traffic, and determining whether traffic is consistent with normal user behavior.
    ● Responding to anomalies: Once potential DDoS attacks have been identified, appropriate action needs to be taken to mitigate them. This may include blocking traffic from suspicious IP addresses or networks, redirecting traffic to other servers, or deploying additional resources to handle increased traffic volume.
  • 13. INCIDENT RESPONSE
    ❖ Detection: The first step in incident response is to detect the DDoS attack.
    ❖ Notification: Once a DDoS attack has been detected, it is important to notify relevant stakeholders, such as IT staff, security personnel, and business leaders, about the attack.
    ❖ Assessment: After notification, an assessment of the DDoS attack should be carried out to determine the nature and scope of the attack.
    ❖ Mitigation: Once the DDoS attack has been assessed, appropriate mitigation measures should be implemented.
    ❖ Monitoring: After mitigation, it is important to continue monitoring the network for any signs of continued DDoS activity. This may involve ongoing traffic analysis and monitoring, as well as regular security audits and testing.
    ❖ Analysis: After the attack has been mitigated, a post-incident analysis should be carried out to identify any weaknesses in the organization's security posture and incident response capabilities, and to develop a plan to address these weaknesses.
  • 14. CLOUD DDOS MITIGATION
    This cloud DDoS mitigation service uses over 20 different mitigation and analysis technologies, but the main forms of defence can be broken down into two key areas:
    Proxy Protection Service: This is an on-demand DNS redirection service for HTTP/HTTPS traffic that provides rapid DDoS protection when your domain or website is under attack. When deployed, traffic for your domain is attracted to the nearest online scrubbing centre, where it is either verified and passed through or silently terminated, depending on the legitimacy of the traffic. The service provider acts as an intermediary for all communication during a period of attack. Patterns of traffic are analysed and managed across a common profile of all customers to optimise the service's performance. A simple remapping of the DNS name to a new IP address is all that is required to set this solution up.
  • 15. CLOUD DDOS MITIGATION
    This cloud DDoS mitigation service uses over 20 different mitigation and analysis technologies, but the main forms of defence can be broken down into two key areas:
    Routed Protection Service: This is a routing service that provides complete protection of all forms of IP traffic, not just HTTP/HTTPS. Services and routers are connected via a virtual tunnel. BGP is used to communicate network routes from you to the service provider, which then uses this information to activate or deactivate the service as needed. When there is an attack and the service is active, your network routes are advertised to the service provider, which then attracts all incoming traffic bound for your network towards the nearest global scrubbing centre. Traffic is then cleaned and forwarded over the virtual tunnel. Traffic outbound from your sites is sent out over your normal upstream ISPs, minimising the impact on your normal traffic patterns. Larger volume sites can make use of a dedicated MPLS connection to the service.
  • 16. References
    1) https://activereach.net/solutions/network-security/protect/ddos-mitigation/cloud-ddos-mitigation/
    2) https://www.visma.com/blog/cloud-basics-the-layers/
    3) Understanding DDoS Attack & Its Effect In Cloud Environment (ICAC3'15)
    4) Mitigation of DDoS Attacks in Cloud Computing (International Conference on Wireless Networks and Embedded Systems (WECON'16))
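
The baseline-then-deviation procedure from the anomaly detection slide, combined with the per-network, per-port and per-protocol breakdown from the network traffic analysis slide, as an added example that is not part of the original slides. The flow records, the addresses (RFC 5737 documentation ranges), the /24 grouping and the mean + 3 standard deviations threshold are all assumptions chosen for illustration.

```python
import ipaddress
from collections import Counter, defaultdict
from statistics import mean, stdev

def make_sample_flows():
    """Constructed flow records: (interval, src_ip, dst_port, protocol, packets)."""
    flows = []
    for t in range(13):
        for i in range(5):  # five regular HTTPS clients in every interval
            flows.append((t, f"198.51.100.{i + 1}", 443, "tcp", 100 + 5 * ((t + i) % 3)))
        if t in (10, 11):   # constructed burst: 40 sources, UDP to port 53
            for i in range(40):
                flows.append((t, f"203.0.113.{i + 1}", 53, "udp", 500))
    return flows

def volume_per_interval(flows):
    """Total packets seen in each interval."""
    totals = defaultdict(int)
    for interval, _src, _port, _proto, packets in flows:
        totals[interval] += packets
    return dict(totals)

def build_baseline(volumes, training_intervals):
    """Mean and standard deviation of packet volume over known-good intervals."""
    sample = [volumes[t] for t in training_intervals]
    return mean(sample), max(stdev(sample), 1.0)  # floor avoids a zero-width band

def find_anomalies(volumes, baseline, k=3.0):
    """Intervals whose volume exceeds mean + k standard deviations."""
    mu, sigma = baseline
    return sorted(t for t, v in volumes.items() if v > mu + k * sigma)

def top_contributors(flows, interval):
    """Largest source /24, destination port and protocol in a non-empty interval,
    each with its share of that interval's packets."""
    by_net, by_port, by_proto = Counter(), Counter(), Counter()
    for t, src, port, proto, packets in flows:
        if t != interval:
            continue
        net = ipaddress.ip_network(f"{src}/24", strict=False)
        by_net[str(net)] += packets
        by_port[port] += packets
        by_proto[proto] += packets
    total = sum(by_proto.values())
    return {name: (c.most_common(1)[0][0], round(c.most_common(1)[0][1] / total, 3))
            for name, c in (("network", by_net), ("port", by_port), ("protocol", by_proto))}

if __name__ == "__main__":
    flows = make_sample_flows()
    volumes = volume_per_interval(flows)
    baseline = build_baseline(volumes, range(10))  # intervals 0-9 are the training window
    for t in find_anomalies(volumes, baseline):
        print(t, volumes[t], top_contributors(flows, t))
```

The training window must contain only known-good traffic; a baseline built over an interval that already includes attack traffic widens the band and hides the spike.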