Security Scheme for Protecting Cloud Computing Services Against Bursty DDoS Attacks

In cloud computing, data and applications are maintained on remote servers and accessed via the Internet. Virtualised resources such as dynamic servers are operated through the Internet, which increases the economic benefits accrued to customers from software. Cloud computing reduces customer concerns about software licenses, hardware, and overall system maintenance. Connections between web services are typically enabled using the simple object access protocol (SOAP), and extensible markup language (XML) or hypertext transport protocol (HTTP) is used to construct SOAP messages. Denial of service (DoS) and distributed DoS (DDoS) are two major problems affecting cloud computing services, and it is a challenge to resolve them completely. The identity of the perpetrators of these acts is usually difficult to ascertain especially when the attacks are carried out using spoofed IP addresses. Consequently, differentiating genuine packets from the packets sent by hackers is difficult. The addresses are spoofed with the intention of causing harm to cloud service provider communication channels. Distinguishing legitimate messages from illegitimate messages is an important step towards solving the problem of DDoS attacks. Modulo and CLASSIE methods effectively detect and reduce spoofing attacks using unique rulesets. In this paper, we propose using modulo packet marking and a method called reconstruct and drop (RAD) to differentiate and discard malicious packets. The proposed method improves the detection and filtering of DDoS attacks. Further, the results of comparisons conducted indicate that the proposed method requires fewer bits than Huffman code and its performance is better than that of cloud protector.