Attribution of Economic Denial of Sustainability Attacks in Public Clouds

Mohammad Karami; An Wang; Songqing Chen

doi:10.4108/eai.4-1-2018.153525

EAI Endorsed Transactions on Security and Safety (Jan 2018)

Attribution of Economic Denial of Sustainability Attacks in Public Clouds

Mohammad Karami,
An Wang,
Songqing Chen

Affiliations

Mohammad Karami: Google, work performed while at George Mason University
An Wang: Department of Computer Science, George Mason University; [email protected]
Songqing Chen: Department of Computer Science, George Mason University

DOI: https://doi.org/10.4108/eai.4-1-2018.153525
Journal volume & issue: Vol. 4, no. 13
pp. 1 – 13

Abstract

Read online

The cloud pricing model leaves cloud consumers vulnerable to Economic Denial of Sustainability (EDoS) attacks. In this type of attacks, an adversary first identifies web resources with high levels of cloud resource consumption, and then uses a botnet of compromised hosts to make fraudulent requests to these costly web resources. The attacker’s goal is to disrupt the economical sustainability of the victim by inflicting cost through fraudulent consumption of billable cloud resources. In this paper, we propose two different Markov-based models to profile the behavior of legitimate users in terms of their resource consumption and the resource request patterns to detect malicious sources engaged in fraudulent use of cloud resources. Our experimental evaluation results demonstrate the effectiveness of the proposed attribution methodology for identifying malicious sources participating in EDoS attacks.

Published in EAI Endorsed Transactions on Security and Safety

ISSN: 2032-9393 (Online)
Publisher: European Alliance for Innovation (EAI)
Country of publisher: Belgium
LCC subjects: Technology
Website: https://eudl.eu/journal/sesa

About the journal

Abstract

Keywords