A proactive defense method for the stealthy EDoS attacks in a cloud environment.

Summary: Cloud computing technology provides flexibility to Cloud Service Provider (CSP) for providing the cloud resources based on the users' requirements. In on‐demand pricing model, the attackers exploit this feature and cause unwanted scaling‐up of the cloud resources without any intent to pay for them. The associated cost for the unpaid malicious usage burdens the CSP, and over a long period, economic losses occur at the CSP end. Thus, the resources and services offered by the CSP become unsustainable, and the attack is termed as Economic Denial‐of‐Sustainability (EDoS) attack. The existing defense approaches for EDoS attacks are reactive. Thus, the associated attack detection/mitigation cost is high; consequently, the approaches are not suitable for the Small and Medium Enterprises (SMEs). The aim of this paper is to detect and mitigate, internal and external, stealthy EDoS attacks proactively. The attack is detected using average CPU utilization threshold and utility function (in terms of cost for the utilized cloud computing resources) and mitigated using virtual firewalls. Amazon Elastic Compute Cloud (Amazon EC2) is used to evaluate the performance of the proposed approach. The proposed approach accurately detects the EDoS attack and mitigates its effect as well with reduced cost. It is observed that the approach provides competitive response time, victim service downtime, and attack reporting time. Thus, the overall performance is improved. [ABSTRACT FROM AUTHOR]