Delivery in day(s): 4
BUSI1013 Cloud Computing Technology Assignments Solution
The cloud computing can be explained as servers hosted in the internet, that can be accessed by customers. It can be said that in the recent times the use of the cloud servers have increased a lot. There have been a number of organisations that have been using the cloud servers for the benefit of the public. The use of the cloud computing enhances the organisations working and reduces the chances of any risk management associated with server problems (Ahmed & Hossain, 2014). In the Gigantic the use of the cloud can help the organisations many of the ways. Some of the major benefits of the cloud servers are explained in the paper.
The cloud holds majority of the application that can be used by the orgasaition in the online platform. One of the major application that is very common in the present times in the use of the ERP or the enterprise resource planning software.
The cloud architecture can besub dividedinthree different segments, namely the public cloud, private cloud and the hybrid cloud.
1. Public cloud: The public clouds are the systems that are operated by the third parties. It provides the customers with option of the pay as you go option. All the customers in this system use the same infrastructure as provided by the orgasaition that is hosting the cloud server (Chen et al., 2013). One of the major benefit of using the public cloud is the fact that it haves large sum of memory on demand. There are several major disadvantage also in this system. One of the major disadvantage is the fact that the security of each of the servers is very poor (Choi et al., 2013). As many organisation uses the same infrastructure for the process hence the security automatically reduces.one of the major example of this the Google Cloud servers.
2. Private cloud: The private cloud servers are used by a single enterprise for organisational use. These servers are hosted only for a specific organisation and the cloud can only be accessed through system of the organisation. The private cloud can be sub divided in the two categories.
On- Premise Private Cloud: The on premise cloud servers are hosted using inside the office using its own data centres. This enhances the security policy of the cloud and also helps the organisation in ensuring the data protections. Although this increases the cost of the service (Chouhan & Peddoju, 2013). This ensures that total control of the cloud is in the hand of the organization and hence ensure the maximum security.
3. Externally Hosted Private Cloud: This service is provided and hosted externally though a cloud server using third party. This ensures that the specified cloud is only used by the servers of the organisation only. The cost of this is lower that of the on premise of the private cloud.
4. Hybrid Cloud: The hybrid cloud can be explained as the servers which uses both the concepts of the private and the public servers. The service is provided by the public servers and but provides the essentials of the private servers (Darwish, Ouda & Capretz, 2013). This ensures that there are less amount of risk in the concept and reduces the chances of the getting hacked.
The cloud servicehavesome of the major service models that can be used for the process of enhancing the features. Thus features that can be used are:
1. SAAS- the Saas or the software as a service is one of the major use of the application. In this the cloud servers host the application over the servers and the organisation can use the same (Deshmukh, & Devadkar, 2015). This can be explained as the model for the process of the distribution of the software. This is one of the major feature of the public cloud systems and hence are very low costly. The major characterics of the SAAs are, the updates of the software are automatically done and the user does not need to worry about the same. The purchase of the servers are based of the subscription basis. The requirement of the hardware is very low as the entire process os done in the web.
2. PaaS: The PaaS or the platform as a service can be explained as the upper version of the software as service (Girma, Garuba & Liu, 2015). The PaaS can be explained as the integrated solution or a solution stack that is rented over the internet connection. The PaaS have two layers of the web applications, the hardware and the software.
3. IaaS- The IaaS or the infrastructure
Thus, it can be understand that using the Private on premise cloud service is one of the major point that can be used in the organisation for the betterment of the business. This ensures that the data of the organisation is safe and hence ensuring data protection to the customers.
(Figure1: DDOS Attack pattern)
One of the major thing that will be explained in the paper how the use of the cloud servers can help servers of organisations form preventing by the distributed denial-of-service or the DDOS attacks. The use of the cloud servers can help in the process of prevention of the data of the customers and the organisational data form the DDOS attacks that attack systems. The DDOS attack can be explained as the attacks that are made in order to flow huge amount of data in the servers of the organisation and thus blocking the process of correct data entry (Iyengar et al.,2014). This attacks works on the similar way on the cloud servers as it does in the normal servers. The paper focuses on the factors that helps in the process of the prevention form the cloud servers. Further why there is need of cloud servers is nessacery for the organisation and how these can help in the process of enhancing the system uses are also well explained in the paper.
As explained above the cloud computing is one of the major application that is used by majority of the organisation now a days. Although of its advantages there are some of the major risks that are associated with the cloud computing architecture and this reduces the efficiency of the cloud computing. One of the risk is the DDOS attacks that is associated (Kumar & Sharma, 2013). The DDOS or the distributed denial of service attack is one of the major attack that are often made in the cloud servers can be explained as the process of flooding the servers with bogus data and blocking the servers so that the legitimate data cannot be uploaded or downloaded (lua et al., 2013). The hackers mostly exploits the scenario of the of pay as you go model of the cloud computing and causes problem for the victim. The major attacks that are done on the cloud servers are:
There are several kinds of attacks that are made in the cloud servers that the organisation needs to take care of, some of the major attacks that are made in the cloud servers are:
Bandwidth depletion attacks:
(Figure2: DDOS Attack)(
Source :Loneaet al., 2013))
This type of the attacks consumes the bandwidth of target r the victim system. This done by flooding unwanted traffic which reduces the bandwidth and thus effecting the legitimate traffic form reaching the network. One of the major tool that can help in this type of the attack is trinoo. Further the bandwidth depletion attack can be sub divided in two categories namely the Flooding attack and amplification attack.
1. Flood Attacks: This type of attacks are done by the attacker in order to jam the network of the victim by sending huge amount of data using zombie bots which clogs up the victim network (Navaz, Sangeetha & Prabhadevi, 2013). This reduces the bandwidth of the cloud server used by the victim (Reddy et al., 2013). The attacks uses the UDP that is the User Datagram packets and ICMP that is the internet Control Message Protocol packets. The steps of the attack follows as :
1. attacker sends large data sets of UDP packets to the server’s random ports. This blocks the ports of the server.
2. When the port receives the data it searches for the destination port.
3. When the port does not get any further response it generates the message of destination unreachable.
4. This ensures that the original data also does not reaches the port.
2. Amplification attack:In this kind of the attack the attacker sends large data sets to the broadcast Ip address (Negi, Mishra & Gupta, 2013). This causes the broadcaster to reply to the pings made by the attackers. This ensures that entire server is blocked with messages from the attackers and the original pings never reaches the server.
Resource depletion attacks:
Under this kind of the attacks the attackers make sure that target server is exhausted with malicious forms of the data and the original data does not reaches the servers (Yu et al., 2014). There are various kinds of the resource depletion attack under the DDOS.
Protocol Exploit Attack: The primary goal of this attack is to ensure that the attackers consume the majority of the resources present in the servers (Osanaiye, 2015). The TCP – SYN attack is one of the major example of this type of the attacks.
Malformed Packets attacks: Under this kind of the attacks, the attackers sends data packets that are malformed and jams the network of the user.
IP Address attack: The malformed packet is wrapped with same source and destination IP address thus creating chaos in the operating system of victim (Yan, Gong & Li, 2016). By this way it rapidly slows down and crashes the victim.
Hence it can be said that the DDOS attack may be one of the major disadvantage of the cloud servers that can affect the usage of the server. This is increased with the pay as you go scale of the cloud services (Osanaiye, Choo & Dlodlo, 2016). This is because of the fact that with the increase in the memory the sum of the attacks can also increase. There are several major disadvantage also in this system (Yan & Yu, 2015). One of the major disadvantage is the fact that the security of each of the servers is very poor.
In order to mitigate this kind of the risks there can be several things that can be done in order to enhance the service of the cloud computing servers.
Helps on migration form the resource bottleneck
Checking if there are needs for extra resources at critical times
False resources checking alarms.
Migrating the DDOS victim from the servers of the cloud
Selecting the candidate to be migrated.
Migration costs and swapping the data from the clouds.
Operating system resource management
Minimising the resources of the operating system during the attack is detected.
Deep analysis must be done in order to verify the proper data sources.
Quick checks can reduce the search efficiency.
Software Defined Networking
Checking and contorting the incoming data using proper software.
Software Defined Networking can be an easy target by the attackers.
Mostly useful at network boundaries and ISP level network control.
DDOS mitigation as a service
Cloud based mitigation service is one of the best solution for ensuring DDOS attack blocks.
Cost of the DDOS mitigation service is very high and are tough to be implemented.
Cannot be used in local servers.
Thus it can be said that that if proper mitigation policy is ensured then the use of cloud can help the organisation in enhancing the services. The use of the cloud servers can help the organisation is ensuring the proper security and services to the customers (Salah et al., 2013). These risk can reduce the efficacy of the system and can ensure that the organisation is unable to use servers (Xiao, & Xiao, 2013). The organisation must ensure proper mitigation policies in order to enhance the performance of the serves. One of the major thing that can be done in order to reduce this kind of the attacks are to use the private in house cloud servers which are entirely controlled by the organization.
Deshmukh, R. V., & Devadkar, K. K. (2015), in this paper explains about the major concepts of DDOS attacks that causes problems in the servers. The researchers well explains the major architectures of the cloud architectures that helps in the process of enhancing the process of cloud security (Wang et al., 2013). This paper well explains the processes of the DDOS attacks that are majorly found in the servers of the organisational behaviour Further the researchers explains about the various types of the DDOS attacks that are commonly found in the servers of a system. Later, in the paper the researchers well explains about the processes that can used in order to mitigate this kind of the risks. The major DDOS attack analysing techniques are also well explained in the paper. The paper ensures provides enough examples that how the distributed denial of service attack can be prevented and ensure that proper flow of the data is ensured.
In this paper Osanaiye et al., (2016). Explains about the process of software denial networking and the DDOS attack survey and how the availability of the data can help in the process of ensuring that data remains a challenge. The researchers explains about the major concepts of the DDOS and its processes. The major things that the researchers explained in this paper are Anomaly-based, Cloud Distributed Denial of Service (DDoS) attacks, Change point detection, Distributed Denial of Service (DDoS) attack taxonomy Cloud Distributed Denial of Service (DDoS) survey, Flooding attacks. This paper well explains the processes of the DDOS attacks that are majorly found in the servers of the organisation (Shahzad, 2014). Further the researchers explains about the various types of the DDOS attacks that are commonly found in the servers of a system. This enhances the security policy of the cloud and also helps the organisation in ensuring the data protections. Although this increases the cost of the service these are the major concepts that are well explained in the paper. DDoS attack tools are capable of launching such attacks targeting different cloud components (Xiao, & Xiao, 2013). More research should also be directed towards efficient defines solutions that can detect both high and low level DDoS attacks One of the major thing that is well explained in the paper which are not explained in the other papers are the concept of the XML flooding attacks. Unlike the paper of Deshmukh & Devadkar (2015), this paper is unable to provide the ways on how to solve the problems of the cloud servers (Somani et al., 2017). The paper primarily focuses on the facts about the DDOS attacks on the cloud servers. Concluding the topic the researchers explained about the challenges that may come up in the recent future and how these can be avoided.
Some of the major processes that can be used for the purpose ofthe reducingthese distributed denial of service attacks are
The most important thing that must be ensured in order to enhancethe cloudsecurityare maintainthe basic aspects of the :
2. Access controllability
4. The use of the DDOS as a mechanism must be used in order to reduce the chances of the any DDOS attack.
5. If any DDOS attack is encountered then victim migration technique must be used as soon as possible.
6. The use of the SDN or the software defined networking can be used in order to enhance the security of the servers.
7. The Operating systems that are used must ensure proper security to the servers.
Thus, concluding the topic it can be said that the use of the Cloud computing can help the organisation Gigantic in many ways. The use of the cloud enhances the internal operations of the organisation as well as helps in properly managing the data of the customers. Yet there are some of the major obstacles that must not overlooked. The distributed denial of service is one of such thing that must be properly ensured. The DDOS or the distributed denial of service attack is one of the major attack that are often made in the cloud servers can be explained as the process of flooding the servers with bogus data and blocking the servers so that the legitimate data cannot be uploaded or downloaded. The hackers mostly exploits the scenario of the of pay as you go model of the cloud computing and causes problem for the victim The attackers does this kinds of attacks in the servers in order to jam the services and stop the legitimate data flow. The organisation must ensure that proper prevention mechanism are used in order to reduce this kinds of the attacks. The use of the cloud computing enhances the organisations working and reduces the chances of any risk associated with server problems.
1.cAhmed, M., & Hossain, M. A. (2014). Cloud computing and security issues in the cloud. International Journal of Network Security & Its Applications, 6(1), 25.
2. Chen, Z., Han, F., Cao, J., Jiang, X., & Chen, S. (2013). Cloud computing-based forensic analysis for collaborative network security management system. Tsinghua science and technology, 18(1), 40-50.
3. Choi, J., Choi, C., Ko, B., Choi, D., & Kim, P. (2013). Detecting Web based DDoS Attack using MapReduce operations in Cloud Computing Environment. J. Internet Serv. Inf. Secur., 3(3/4), 28-37.
4. Chouhan, V., & Peddoju, S. K. (2013). Packet monitoring approach to prevent DDoS attack in cloud computing. International Journal of Computer Science and Electrical Engineering (IJCSEE) ISSN, (2315-4209).
5. Darwish, M., Ouda, A., & Capretz, L. F. (2013, June). Cloud-based DDoS attacks and defenses. In Information Society (i-Society), 2013 International Conference on (pp. 67-71). IEEE.
6. Deshmukh, R. V., & Devadkar, K. K. (2015). Understanding DDoS attack & its effect in cloud environment. Procedia Computer Science, 49, 202-210.
7. Girma, A., Garuba, M., Li, J., & Liu, C. (2015, April). Analysis of DDoS attacks and an introduction of a hybrid statistical model to detect DDoS attacks on cloud computing environment. In Information Technology-New Generations (ITNG), 2015 12th International Conference on (pp. 212-217). IEEE.
8. Iyengar, N. C. S. N., Ganapathy, G., Mogan Kumar, P. C., & Abraham, A. (2014). A multilevel thrust filtration defending mechanism against DDoS attacks in cloud computing environment. International Journal of Grid and Utility Computing, 5(4), 236-248.
9. Kumar, N., & Sharma, S. (2013, July). Study of intrusion detection system for DDoS attacks in cloud computing. In Wireless and Optical Communications Networks (WOCN), 2013 Tenth International Conference on (pp. 1-5). IEEE.
10. Lonea, A. M., Popescu, D. E., & Tianfield, H. (2013). Detecting DDoS attacks in cloud computing environment. International Journal of Computers Communications & Control, 8(1), 70-78.
11. Lua, R., & Yow, K. C. (2013). Mitigating ddos attacks with transparent and intelligent fast-flux swarm network. IEEE Network, 25(4).
12. Navaz, A. S., Sangeetha, V., & Prabhadevi, C. (2013). Entropy based anomaly detection system to prevent DDoS attacks in cloud. arXiv preprint arXiv:1308.6745.
13. Negi, P., Mishra, A., & Gupta, B. B. (2013). Enhanced CBF packet filtering method to detect DDoS attack in cloud computing environment. arXiv preprint arXiv:1304.7073.
14. Osanaiye, O. A. (2015, February). Short Paper: IP spoofing detection for preventing DDoS attack in Cloud Computing. In Intelligence in Next Generation Networks (ICIN), 2015 18th International Conference on (pp. 139-141). IEEE.
15. Osanaiye, O., Choo, K. K. R., & Dlodlo, M. (2016). Distributed denial of service (DDoS) resilience in cloud: review and conceptual cloud DDoS mitigation framework. Journal of Network and Computer Applications, 67, 147-165.
16. Reddy, V. K., Rao, B. T., & Reddy, L. S. S. (2013). Research issues in cloud computing. Global Journal of Computer Science and Technology.
17. Salah, K., Calero, J. M. A., Zeadally, S., Al-Mulla, S., & Alzaabi, M. (2013). Using cloud computing to implement a security overlay network. IEEE security & privacy, 11(1), 44-53.
18. Shahzad, F. (2014). State-of-the-art survey on cloud computing security Challenges, approaches and solutions. Procedia Computer Science, 37, 357-362.
19. Somani, G., Gaur, M. S., Sanghi, D., Conti, M., & Buyya, R. (2017). DDoS attacks in cloud computing: Issues, taxonomy, and future directions. Computer Communications, 107, 30-48.
20. Wang, B., Zheng, Y., Lou, W., & Hou, Y. T. (2015). DDoS attack protection in the era of cloud computing and software-defined networking. Computer Networks, 81, 308-319.
21. Xiao, Z., & Xiao, Y. (2013). Security and privacy in cloud computing. IEEE Communications Surveys & Tutorials, 15(2), 843-859.
22. Yan, Q., & Yu, F. R. (2015). Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Communications Magazine, 53(4), 52-59.
23. Yan, Q., Yu, F. R., Gong, Q., & Li, J. (2016). Software Engineering -defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Communications Surveys & Tutorials, 18(1), 602-622.
24. Yu, S., Tian, Y., Guo, S., & Wu, D. O. (2014). Can we beat DDoS attacks in clouds?. IEEE Transactions on Parallel and Distributed Systems, 25(9), 2245-2254