PREVENTION OF VULNERABLE VIRTUAL MACHINES
AGAINST DDOS ATTACKS IN THE CLOUD
IDREES S PATEL
NOORAIN FATHIMA
II M.Sc. Data Science
Cloud Computing
1. Cloud and Cloud Computing
2. Virtual Machine
3. Cloud Security
4. Cloud Attacks
5. NICE
CONTENTS
What is the Cloud?
a. It is a cluster
b. It is a supercomputer
c. It is a data store
d. It is a superman
None of the above, yet all of the above.
CLOUD – A VIRTUAL BACKPACK
• It is a global network of servers with a unique function.
• It is not a physical entity; instead, it is a vast network of remote servers
around the globe that are hooked together and meant to operate as a
single ecosystem.
• The cloud refers to servers that are accessed over the web.
CLOUD – A VIRTUAL BACKPACK
• Cloud computing refers to manipulating,
configuring, and accessing applications online.
• It offers online data storage, infrastructure, and
applications.
• Cloud providers use virtualization technologies
combined with self-service abilities for computing
resources via network infrastructure.
CLOUD COMPUTING – A SILVER LINING
• In cloud environments, several kinds of
virtual machines are hosted on the same
physical server as infrastructure.
• A virtual machine (VM) is a digital version
of a physical computer that can store
data, connect to networks, and do other
computing functions.
• Virtual machines run on a physical
machine and access computing resources
from software called a hypervisor.
VIRTUAL MACHINE - SIMULACRUM
• Recent studies have shown that users migrating to
the cloud consider security as the most important
factor.
• A recent Cloud Security Alliance (CSA) survey shows
that among all security issues, abuse and nefarious
use of cloud computing are considered the top
security threat.
• Cloud security is a broad set of policies,
technologies, and controls deployed to protect
data, applications, and the associated infrastructure
of cloud computing.
CLOUD SECURITY – CLOUD-LOCK HOLMES
There are many forms of cloud attacks. The important ones are:
• DoS attacks against Cloud
• DDoS attacks against Cloud
• XML based DoS (X-DoS)
• HTTP based DoS (H-DoS)
CLOUD ATTACKS – CLOUD-POCALYPSE
DoS Attacks against the Cloud
It is an increasingly prevalent security threat in the cloud. The attack
intentionally compromises the availability of the virtual machines, and it is
typically against the will of affected cloud users.
To prevent DoS attacks against the cloud, various measures can be taken, such
as implementing firewalls, using load balancers, and deploying intrusion
detection and prevention systems.
CLOUD ATTACKS – CLOUD-POCALYPSE
DDoS Attacks against the Cloud
It is a significant threat to cloud infrastructure because multiple compromised
systems, or multiple compromised virtual machines, attack a single target (the cloud),
thereby causing a denial of service for cloud users of the targeted system.
To prevent DDoS attacks against the cloud, various measures can be taken,
such as implementing firewalls, using load balancers, traffic filtering, network
segmentation, DDoS Protection Services, and so on.
CLOUD ATTACKS – CLOUD-POCALYPSE
Extensible Markup Language (XML) based Denial of Service (X-DoS)
XML DoS attacks are extremely asymmetric: to deliver the attack payload, an
attacker needs to spend only a fraction of the processing power or bandwidth
that the victim needs to spend to handle the payload.
To prevent X-DoS attacks against the cloud, various measures can be taken,
such as limiting the number of requests a user can make in a given period,
implementing input validation, using a secure XML parser, and so on.
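The input-validation and secure-parser measures above can be combined into a bounded-work check that runs before a document reaches the application. This is an added example, not part of the original slides; the limits, the function names and the policy of refusing every DTD are assumptions, and the sample documents in the test are constructed.

```python
import xml.parsers.expat

# Assumed limits; tune them to the largest legitimate request the service accepts.
MAX_BYTES = 64 * 1024
MAX_DEPTH = 32
MAX_ELEMENTS = 5_000


class XmlRejected(ValueError):
    """Raised when a document breaks one of the limits below."""


def check_xml(data: bytes) -> int:
    """Stream untrusted XML through expat with bounded work.

    Returns the number of elements seen, or raises XmlRejected.
    Nothing is built in memory, so the cost stays proportional to len(data).
    """
    if len(data) > MAX_BYTES:
        raise XmlRejected("document larger than MAX_BYTES")

    parser = xml.parsers.expat.ParserCreate()
    state = {"depth": 0, "elements": 0}

    def on_doctype(name, system_id, public_id, has_internal_subset):
        # A DTD is where entity definitions live; a service that does not
        # need them can refuse the whole document at this point.
        raise XmlRejected("DTD not allowed")

    def on_start(name, attrs):
        state["depth"] += 1
        state["elements"] += 1
        if state["depth"] > MAX_DEPTH:
            raise XmlRejected("nesting deeper than MAX_DEPTH")
        if state["elements"] > MAX_ELEMENTS:
            raise XmlRejected("more than MAX_ELEMENTS elements")

    def on_end(name):
        state["depth"] -= 1

    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartElementHandler = on_start
    parser.EndElementHandler = on_end
    try:
        # Exceptions raised inside the handlers propagate out of Parse().
        parser.Parse(data, True)
    except xml.parsers.expat.ExpatError as exc:
        raise XmlRejected(f"not well-formed: {exc}") from exc
    return state["elements"]


def verdict(data: bytes) -> str:
    """Human-readable result for logging or for an HTTP 400 body."""
    try:
        return f"accepted ({check_xml(data)} elements)"
    except XmlRejected as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    # Constructed sample inputs.
    print(verdict(b"<order><item id='1'/><item id='2'/></order>"))
    print(verdict(b"<a>" * 40 + b"</a>" * 40))
```

The per-user request limit from the same slide belongs in front of this check, so that rejected documents still count against the sender's quota.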
CLOUD ATTACKS – CLOUD-POCALYPSE
Hypertext Transfer Protocol (HTTP) based Denial of Service (H-DoS)
Hypertext Transfer Protocol (HTTP) is a protocol used to transfer data over the
internet. HTTP-based Denial of Service (H-DoS) attacks exploit vulnerabilities in
the HTTP protocol to launch attacks on web servers and applications.
To prevent H-DoS attacks against the cloud, various measures can be taken,
such as limiting the number of requests a user can make in a given period,
implementing input validation, using a web application firewall, and so on.
CLOUD ATTACKS – CLOUD-POCALYPSE
Among these different types of attacks, the Distributed Denial of Service attack is
the one the cloud is most vulnerable to: virtual machines are compromised and
then used to launch DDoS attacks against the cloud.
CLOUD ATTACKS – CLOUD-POCALYPSE
• NIST (National Institute of Standards and
Technology) defines NICE (National Initiative for
Cybersecurity Education) as a comprehensive
national cybersecurity training, education, and
workforce development program.
• NICE in cloud security refers to the implementation of
NICE standards and guidelines to ensure a skilled and
competent workforce in cloud security.
NICE – Oh Nice!
Key Principles of NICE:
• Identifying and managing risk
• Continuous monitoring and improvement
• Access control
• Incident response and recovery
• Training and awareness
NICE – Oh Nice!
NICE MODEL – THREAT MODEL
• In this attack model, we assume that an attacker can be located
either outside or inside of the virtual networking system.
• Our protection model focuses on virtual-network-based attack
detection and reconfiguration solutions to improve the
resiliency to zombie explorations.
NICE MODEL – ATTACK GRAPH MODEL
• An attack graph is a modeling tool to illustrate all possible multi-stage,
multi-host attack paths that are crucial to understanding
threats and then deciding appropriate countermeasures.
• In an attack graph, each node represents either a precondition or
a consequence of an exploit.
• The actions are not necessarily active attacks, since normal
protocol interactions can also be used for attacks.
NICE MODEL – SYSTEM ARCHITECTURE
NICE-A
• The NICE-A is a Network-based Intrusion Detection System
(NIDS) agent installed in each cloud server.
• It scans the traffic going through the bridges that control all the
traffic among VMs and in/out from the physical cloud servers.
• Each bridge forms an isolated subnet in the virtual network and
connects to all related VMs.
• The traffic generated from the VMs on the mirrored software
bridge will be mirrored to a specific port on a specific bridge.
NICE MODEL – SYSTEM ARCHITECTURE
VM PROFILING
• Virtual machines in the cloud can be profiled to get precise
information about their state, services running, open ports, etc.
• One major function of a VM Profile is its connectivity with other VMs.
• It includes information about the VM's hardware configuration, such
as the amount of memory, number of CPUs, and the amount of
storage allocated to the VM.
• VM profiles can be used to standardize VM configurations, making it
easier to manage and deploy VMs in a virtualized environment.
NICE MODEL – SYSTEM ARCHITECTURE
ATTACK ANALYZER
• The process of constructing and utilizing the Scenario Attack Graph
(SAG) consists of three phases: information gathering, attack graph
construction, and potential exploit path analysis.
• The Attack Analyzer also handles alert correlation and analysis
operations.
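The attack graph model and the three analyzer phases described above (information gathering, graph construction, exploit path analysis) can be sketched on a toy network. This is an added example, not code from the slides or from any NICE implementation; the hosts, conditions, exploit labels and candidate countermeasures are all constructed for illustration.

```python
# Phase 1, information gathering (constructed data).
# Conditions that hold before any exploit: open flows and exposed services.
INITIAL = {
    "flow:internet->web:80", "svc:web:http",
    "flow:web->db:3306", "flow:mail->db:3306", "svc:db:sql",
    "flow:web->mail:25", "svc:mail:smtp",
}
# Each exploit: (label, preconditions that must ALL hold, consequence).
EXPLOITS = [
    ("web-app-flaw", {"flow:internet->web:80", "svc:web:http"}, "user@web"),
    ("web-local-privesc", {"user@web"}, "root@web"),
    ("db-weak-auth", {"root@web", "flow:web->db:3306", "svc:db:sql"}, "user@db"),
    ("mail-relay-flaw", {"user@web", "flow:web->mail:25", "svc:mail:smtp"}, "user@mail"),
    ("db-weak-auth-via-mail", {"user@mail", "flow:mail->db:3306", "svc:db:sql"}, "user@db"),
    ("db-local-privesc", {"user@db"}, "root@db"),
]
TARGET = "root@db"
# Candidate countermeasures: (label, initial condition the measure removes).
CANDIDATES = [
    ("block web->db flow", "flow:web->db:3306"),
    ("block mail->db flow", "flow:mail->db:3306"),
    ("patch web http service", "svc:web:http"),
    ("harden db sql service", "svc:db:sql"),
]


def reachable(initial, exploits):
    """Phase 2: forward-chain to a fixed point.

    Returns {condition: label of the exploit that first produced it},
    with None for conditions that held from the start.
    """
    produced = {cond: None for cond in initial}
    changed = True
    while changed:
        changed = False
        for label, pre, post in exploits:
            if post not in produced and all(p in produced for p in pre):
                produced[post] = label
                changed = True
    return produced


def exploit_chain(target, produced, exploits):
    """Phase 3a: backtrack from the target to one multi-stage path."""
    pre_of = {label: pre for label, pre, _ in exploits}
    chain, seen = [], set()

    def visit(cond):
        label = produced.get(cond)
        if label is None or label in seen:
            return
        seen.add(label)
        for p in sorted(pre_of[label]):
            visit(p)
        chain.append(label)  # appended after its preconditions

    visit(target)
    return chain


def cutting_countermeasures(target, initial, exploits, candidates):
    """Phase 3b: keep the measures that make the target unreachable alone."""
    return [label for label, cond in candidates
            if target not in reachable(initial - {cond}, exploits)]


if __name__ == "__main__":
    graph = reachable(INITIAL, EXPLOITS)
    print(exploit_chain(TARGET, graph, EXPLOITS))
    print(cutting_countermeasures(TARGET, INITIAL, EXPLOITS, CANDIDATES))
```

Blocking either database flow on its own leaves the other path open, which is why the analysis has to consider every path in the graph rather than the first one found.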
NICE MODEL – SYSTEM ARCHITECTURE
NETWORK CONTROLLER
• The network controller is a key component to support the
programmable networking capability to realize the virtual network
reconfiguration.
• The network controller is responsible for collecting network
information of the current OpenFlow network and providing input to
the attack analyzer to construct attack graphs.
CONCLUSION – PUNCHLINE!
• NICE detects and mitigates collaborative attacks in the cloud
virtual networking environment.
• NICE utilizes the graph models to conduct attack detection and
prediction.
• NICE investigates the network IDS approach to counter zombie
explorative attacks.
THANK YOU
