一项调查:使用软计算技术的云托管网站保护

2017 7th International Conference on Cloud Computing, Data Science & Engineering - Confluence Pub Date : 2017-01-01 DOI:10.1109/CONFLUENCE.2017.7943170

S. Bhingarkar, D. Shah

{"title":"一项调查:使用软计算技术的云托管网站保护","authors":"S. Bhingarkar, D. Shah","doi":"10.1109/CONFLUENCE.2017.7943170","DOIUrl":null,"url":null,"abstract":"Several vendors opt for Cloud based website hosting nowadays, as it is very trustworthy, easily scalable and reasonable hosting solution than traditional website hosting in various aspects. The most common attacks carried out currently against web application are SQL injection. Cross Site Scripting (XSS), Distributed Denial of Service (DDoS) and Cross Site Request Forgery (CSRF). Distributed Denial-of-service (DDoS) attack is one of the major web security attacks to the cloud hosted websites. Hence, this paper mainly concentrates upon soft computing techniques used so far against such attack. The most straightforward way to carry out the attack is through botnet. The malicious HTTP traffic generated by an attacker imitates to be genuine and hence go undetected. Nowadays, different soft computing techniques are used as a tool to detect malicious traffic. This paper presents a review of these techniques implemented so far that differentiate between genuine and malicious traffic. Economic Denial of Sustainability (EDoS) is a special sort ο f DDoS attack that exploits cloud's pay-as-you-go model. The attacker generates anomalous HTTP requests that cause up scaling of the architecture and this puts financial burden over website owner. This paper tries to realize whether existing techniques can be used for defending EDoS attack and it also points out research directions in this field.","PeriodicalId":6651,"journal":{"name":"2017 7th International Conference on Cloud Computing, Data Science & Engineering - Confluence","volume":"25 1","pages":"325-330"},"PeriodicalIF":0.0000,"publicationDate":"2017-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A survey: Cloud hosted website protection using soft computing techniques\",\"authors\":\"S. Bhingarkar, D. Shah\",\"doi\":\"10.1109/CONFLUENCE.2017.7943170\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Several vendors opt for Cloud based website hosting nowadays, as it is very trustworthy, easily scalable and reasonable hosting solution than traditional website hosting in various aspects. The most common attacks carried out currently against web application are SQL injection. Cross Site Scripting (XSS), Distributed Denial of Service (DDoS) and Cross Site Request Forgery (CSRF). Distributed Denial-of-service (DDoS) attack is one of the major web security attacks to the cloud hosted websites. Hence, this paper mainly concentrates upon soft computing techniques used so far against such attack. The most straightforward way to carry out the attack is through botnet. The malicious HTTP traffic generated by an attacker imitates to be genuine and hence go undetected. Nowadays, different soft computing techniques are used as a tool to detect malicious traffic. This paper presents a review of these techniques implemented so far that differentiate between genuine and malicious traffic. Economic Denial of Sustainability (EDoS) is a special sort ο f DDoS attack that exploits cloud's pay-as-you-go model. The attacker generates anomalous HTTP requests that cause up scaling of the architecture and this puts financial burden over website owner. This paper tries to realize whether existing techniques can be used for defending EDoS attack and it also points out research directions in this field.\",\"PeriodicalId\":6651,\"journal\":{\"name\":\"2017 7th International Conference on Cloud Computing, Data Science & Engineering - Confluence\",\"volume\":\"25 1\",\"pages\":\"325-330\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 7th International Conference on Cloud Computing, Data Science & Engineering - Confluence\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CONFLUENCE.2017.7943170\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 7th International Conference on Cloud Computing, Data Science & Engineering - Confluence","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CONFLUENCE.2017.7943170","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

一些供应商选择基于云的网站托管，因为它是非常值得信赖的，易于扩展和合理的托管解决方案比传统的网站托管在各个方面。目前针对web应用程序的最常见的攻击是SQL注入。跨站脚本(XSS)，分布式拒绝服务(DDoS)和跨站请求伪造(CSRF)。分布式拒绝服务(DDoS)攻击是针对云托管网站的主要网络安全攻击之一。因此，本文主要侧重于迄今为止针对此类攻击所使用的软计算技术。最直接的攻击方式是通过僵尸网络。攻击者生成的恶意HTTP流量被伪装成真实流量，因此无法被检测到。目前，各种软计算技术被用作检测恶意流量的工具。本文介绍了迄今为止实现的这些区分真实和恶意流量的技术。经济可持续性拒绝(EDoS)是一种特殊类型的DDoS攻击，它利用了云的即用即付模式。攻击者生成异常的HTTP请求，导致架构的扩展，这给网站所有者带来了经济负担。本文试图了解现有技术是否可以用于防御dos攻击，并指出了该领域的研究方向。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A survey: Cloud hosted website protection using soft computing techniques

Several vendors opt for Cloud based website hosting nowadays, as it is very trustworthy, easily scalable and reasonable hosting solution than traditional website hosting in various aspects. The most common attacks carried out currently against web application are SQL injection. Cross Site Scripting (XSS), Distributed Denial of Service (DDoS) and Cross Site Request Forgery (CSRF). Distributed Denial-of-service (DDoS) attack is one of the major web security attacks to the cloud hosted websites. Hence, this paper mainly concentrates upon soft computing techniques used so far against such attack. The most straightforward way to carry out the attack is through botnet. The malicious HTTP traffic generated by an attacker imitates to be genuine and hence go undetected. Nowadays, different soft computing techniques are used as a tool to detect malicious traffic. This paper presents a review of these techniques implemented so far that differentiate between genuine and malicious traffic. Economic Denial of Sustainability (EDoS) is a special sort ο f DDoS attack that exploits cloud's pay-as-you-go model. The attacker generates anomalous HTTP requests that cause up scaling of the architecture and this puts financial burden over website owner. This paper tries to realize whether existing techniques can be used for defending EDoS attack and it also points out research directions in this field.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 7th International Conference on Cloud Computing, Data Science & Engineering - Confluence

自引率

0.00%

发文量