Improved attack detection mechanism and optimal load balancing using trust model in cloud environment
Abstract
Distributed Denial of Service (DDoS) is a major threat to cloud networks because of the significant financial losses it causes. This has inspired the Security Research Group to develop a variety of detection techniques to minimize the impact of such attacks. Nonetheless, current solutions are still not sophisticated enough to meet the requirements of a cloud-based detection system: they disregard the ingenious strategies of attackers who exploit the elastic and multi-tenant properties of the cloud, and they ignore the resource constraints of the cloud system. Due to the identification of VM loads when used in a cloud environment, these methods result in a significant reduction in detection accuracy. The main objective of this work is to increase the detection rate of DDoS attacks using a limited amount of resources. Existing detection systems are designed without regard to the vulnerabilities that apply to cloud system assets; these are all accounted for in this research work. From the perspective of this research, load balancing means distributing the detection load in a smart manner. Hence the detection load is to be distributed in a unique way, resulting in increased nodal efficacy with resources used to their fullest extent. Motivated by this fact, the first contribution of the work is the development of a new trust model that allows the hypervisor to learn about the actions of the VMs over time, and thus enables it to change the detection load distribution strategy so that it assigns more load to the VMs that have a large number of misbehaviours in their history. Next, attack detection is performed using the Convex Support Vector Machine (CSVM) classifier. In addition, by spreading a single DoS attack over several VMs running on top of the same hypervisor, attackers can use a mixed strategy to complicate the detection mechanism and try to reduce the attack detection rate.