Intrusion detection system- An efficient way to thwart against Dos/DDos attack in the cloud environment

Abstract

One of the emerging and glooming technologies in the IT is Cloud computing where the information is permanently stored in the third party cloud servers and cached temporarily on clients that include different devices like desktops, entertainment centers, table computers, notebooks, wall computers, sensors, etc. Internet connection is the basic requirement for accessing the cloud. Virtualization technology is another technology which goes along with the cloud environment which is used most widely to reduce the cost purchasing the hardware infrastructures in organizations. Henceforth, the Cloud Computing Systems can be easily intruded by various types of cyber attacks including Denial of Serv-ice (DoS) attack and Distributed Denial of Service (DDoS) attack which utilize the entire resources like CPU, Memory, etc and makes the server to starve. This creates a major impact reducing the efficiency of the virtual machines. In the proposed method, attack can be overcome by Transmission Control Protocol (TCP) Mitigation Strategy which uses the SYN Cookie to prevent the attack in the cloud to prevent the attack in which the server ignores the connection packets when it does not receive the correct Acknowledgement (ACK) from the client which requested the connection. The server here has rules to be check whether it is a legitimate client or the spoofed one using the first layer of security for hop count filtering mechanism and second layer of security is encoding the sequence number of the SYN packet so that only a legitimate client can decode it. Additionally security is also provided for the data packets using the Message Authentication Code (MAC) and thus client is authenticated.