Understanding issues and challenges posed by LDoS, FRC attacks on cloud environment

Abstract

Cloud computing has taken the world by storm with its numerous benefits like pay-as-you-go pricing, ease of deployment, and an ecosystem of services. Cloud computing has its share of challenges including security, vendor lock-in, cost in the long run, and configuration complexity. Along with the rise of its use, the threats from malicious actors are going up as well. These attackers either want to take down the services of cloud consumers or to hamper the financial viability of these services by inducing unwanted resource usage or by using cloud resources without the victim's consent. Low-rate denial of service attack (LDoS), and fraudulent resource consumption attack (FRC) are the two most important and widespread attacks which take advantage of the cloud provider's utility pricing and cause heavy financial damage to the victim. In LDoS attacks, the attack rate is kept low to remain undetected, which causes the victim's system to use more resources for a longer time or to lower the quality of service (QoS). FRC, like LDoS, is a low-rate attack, but its main motive is to use resources fraudulently. These attacks are difficult to detect and hence it can cause large financial damage to customers over the long run. The fundamental purpose of detecting and addressing FRC and LDoS is to decrease the financial implications of cloud infrastructure. This paper seeks to evaluate and provide a summary of the tools, techniques, and datasets that can be utilized in the research of FRC and LDoS attacks. To achieve its goal, this paper explains cloud computing, its benefits, and challenges and the security issues in the cloud with a focus on LDoS and FRC. It also summarizes the datasets, tools and attack detection techniques for LDoS and FRC, along with the review of research done in the past on LDoS and FRC detection. It concludes with the challenges in detecting FRC and future work.