一种保护云计算免受XML DDoS和HTTP DDoS攻击的梳理方法

2012 IEEE Students' Conference on Electrical, Electronics and Computer Science Pub Date : 2012-03-01 DOI:10.1109/SCEECS.2012.6184829

Tarun Karnwal, T. Sivakumar, G. Aghila

{"title":"一种保护云计算免受XML DDoS和HTTP DDoS攻击的梳理方法","authors":"Tarun Karnwal, T. Sivakumar, G. Aghila","doi":"10.1109/SCEECS.2012.6184829","DOIUrl":null,"url":null,"abstract":"Cloud computing is an internet based pay as use service which provides three layered services (Software as a Service, Platform as a Service and Infrastructure as a Service) to its consumers on demand. These on demand service facilities provide to its consumers in multitenant environment but as facility increases complexity and security problems also increase. Here all the resources are at one place in data centers. Cloud uses public and private APIs (Application Programming Interface) to provide services to its consumers in multitenant environment. In this environment Distributed Denial of Service attack (DDoS), especially HTTP, XML or REST based DDoS attacks may be very dangerous and may provide very harmful effects for availability of services and all consumers will get affected at the same time. One other reason is that because the cloud computing users make their request in XML then send this request using HTTP protocol and build their system interface with REST protocol such as Amazon EC2 or Microsoft Azure. So the threaten coming from distributed REST attacks are more and easy to implement by the attacker, but to security expert very difficult to resolve. So to resolve these attacks this paper introduces a comber approach for security services called filtering tree. This filtering tree has five filters to detect and resolve XML and HTTP DDoS attack.","PeriodicalId":372799,"journal":{"name":"2012 IEEE Students' Conference on Electrical, Electronics and Computer Science","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"83","resultStr":"{\"title\":\"A comber approach to protect cloud computing against XML DDoS and HTTP DDoS attack\",\"authors\":\"Tarun Karnwal, T. Sivakumar, G. Aghila\",\"doi\":\"10.1109/SCEECS.2012.6184829\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing is an internet based pay as use service which provides three layered services (Software as a Service, Platform as a Service and Infrastructure as a Service) to its consumers on demand. These on demand service facilities provide to its consumers in multitenant environment but as facility increases complexity and security problems also increase. Here all the resources are at one place in data centers. Cloud uses public and private APIs (Application Programming Interface) to provide services to its consumers in multitenant environment. In this environment Distributed Denial of Service attack (DDoS), especially HTTP, XML or REST based DDoS attacks may be very dangerous and may provide very harmful effects for availability of services and all consumers will get affected at the same time. One other reason is that because the cloud computing users make their request in XML then send this request using HTTP protocol and build their system interface with REST protocol such as Amazon EC2 or Microsoft Azure. So the threaten coming from distributed REST attacks are more and easy to implement by the attacker, but to security expert very difficult to resolve. So to resolve these attacks this paper introduces a comber approach for security services called filtering tree. This filtering tree has five filters to detect and resolve XML and HTTP DDoS attack.\",\"PeriodicalId\":372799,\"journal\":{\"name\":\"2012 IEEE Students' Conference on Electrical, Electronics and Computer Science\",\"volume\":\"44 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-03-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"83\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 IEEE Students' Conference on Electrical, Electronics and Computer Science\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SCEECS.2012.6184829\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE Students' Conference on Electrical, Electronics and Computer Science","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SCEECS.2012.6184829","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 83

摘要

云计算是一种基于互联网的即用即付服务，它按需向消费者提供三层服务(软件即服务、平台即服务和基础设施即服务)。这些随需应变服务设施在多租户环境中为其消费者提供服务，但随着设施的增加，复杂性和安全性问题也随之增加。在这里，所有资源都集中在数据中心的一个地方。云使用公共和私有api(应用程序编程接口)在多租户环境中为其消费者提供服务。在这种环境下，分布式拒绝服务攻击(DDoS)，特别是基于HTTP、XML或REST的DDoS攻击可能是非常危险的，并且可能对服务的可用性提供非常有害的影响，所有消费者将同时受到影响。另一个原因是，因为云计算用户在XML中发出请求，然后使用HTTP协议发送此请求，并使用REST协议(如Amazon EC2或Microsoft Azure)构建系统接口。因此，分布式REST攻击带来的威胁多且容易被攻击者实现，但对于安全专家来说却很难解决。因此，为了解决这些攻击，本文引入了一种称为过滤树的安全服务筛选方法。该过滤树有五个过滤器，用于检测和解析XML和HTTP DDoS攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A comber approach to protect cloud computing against XML DDoS and HTTP DDoS attack

Cloud computing is an internet based pay as use service which provides three layered services (Software as a Service, Platform as a Service and Infrastructure as a Service) to its consumers on demand. These on demand service facilities provide to its consumers in multitenant environment but as facility increases complexity and security problems also increase. Here all the resources are at one place in data centers. Cloud uses public and private APIs (Application Programming Interface) to provide services to its consumers in multitenant environment. In this environment Distributed Denial of Service attack (DDoS), especially HTTP, XML or REST based DDoS attacks may be very dangerous and may provide very harmful effects for availability of services and all consumers will get affected at the same time. One other reason is that because the cloud computing users make their request in XML then send this request using HTTP protocol and build their system interface with REST protocol such as Amazon EC2 or Microsoft Azure. So the threaten coming from distributed REST attacks are more and easy to implement by the attacker, but to security expert very difficult to resolve. So to resolve these attacks this paper introduces a comber approach for security services called filtering tree. This filtering tree has five filters to detect and resolve XML and HTTP DDoS attack.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 IEEE Students' Conference on Electrical, Electronics and Computer Science

自引率

0.00%

发文量