DDoS defence for service availability in cloud computing

dc.contributor.advisor: Dlodlo, Mqhele E [en_ZA]
dc.contributor.advisor: Choo, Kim-Kwang Raymond [en_ZA]
dc.contributor.author: Osanaiye, Opeyemi Ayokunle [en_ZA]
dc.date.accessioned: 2017-01-26T13:31:41Z
dc.date.available: 2017-01-26T13:31:41Z
dc.date.issued: 2016 [en_ZA]
dc.description.abstract: Cloud computing presents a convenient way of accessing services, resources and applications over the Internet by shifting the focus of industries and organizations from the deployment and day-to-day running of their IT facilities to an on-demand, self-service, pay-as-you-go business model. Despite its increased popularity, ensuring the security and availability of data, resources and services remains an ongoing research challenge. Distributed Denial of Service (DDoS) attacks are not a new threat, but they remain a major security challenge in achieving secure and guaranteed services and resources in cloud computing. Mitigating DDoS attacks in cloud computing presents a new dimension to the solutions proffered in traditional computing; therefore, this work proposes DDoS defence solutions that identify and classify packet traffic as either legitimate or malicious, based on its attributes. This thesis has three objectives. Firstly, it investigates a major attribute of DDoS attacks: the spoofing of the source IP address, which hides the sender's identity to prevent easy traceback or deceives the cloud provider into granting services accorded to a trusted host. Secondly, due to the increased number and sophistication of DDoS attacks against cloud services and the magnitude of traffic that needs to be processed, an analysis of feature selection methods and classification techniques was carried out. Feature selection has been identified as a pre-processing phase in cloud DDoS attack defence that could potentially increase classification accuracy and reduce computational complexity by identifying important features from the original dataset during supervised learning. Finally, this thesis studies the packet inter-arrival time (IAT) feature of traffic traces in order to determine the presence of an attack using change-point detection.
The DDoS attack pattern is detected by leveraging the fact that most DDoS attacks are automated and thus exhibit similar patterns. The main contributions are as follows: (i) this thesis proposes an IP spoofing detection technique that uses passive and active host-based operating system (OS) fingerprinting to detect the true source of a packet during a spoofed DDoS attack; (ii) this thesis proposes an ensemble-based multi-filter feature selection (EMFFS) method that combines the output of four filter methods to achieve an optimum selection, and a decision-tree classifier to detect DDoS attacks; and (iii) this thesis proposes a change-point monitoring algorithm to detect DDoS flooding attacks against cloud services by examining the packet IAT. A DDoS attack pattern is distinguished from normal traffic by using the cumulative sum (CUSUM) algorithm. The results obtained show a high detection rate and classification accuracy when compared with other classification techniques in the literature. [en_ZA]
dc.identifier.apacitation: Osanaiye, O. A. (2016). DDoS defence for service availability in cloud computing. (Thesis). University of Cape Town, Faculty of Engineering & the Built Environment, Department of Electrical Engineering. Retrieved from http://hdl.handle.net/11427/23391 [en_ZA]
dc.identifier.chicagocitation: Osanaiye, Opeyemi Ayokunle. "DDoS defence for service availability in cloud computing." Thesis, University of Cape Town, Faculty of Engineering & the Built Environment, Department of Electrical Engineering, 2016. http://hdl.handle.net/11427/23391 [en_ZA]
dc.identifier.citation: Osanaiye, O. 2016. DDoS defence for service availability in cloud computing. University of Cape Town. [en_ZA]
dc.identifier.ris:
TY - Thesis / Dissertation
AU - Osanaiye, Opeyemi Ayokunle
DA - 2016
DB - OpenUCT
DP - University of Cape Town
LK - https://open.uct.ac.za
PB - University of Cape Town
PY - 2016
T1 - DDoS defence for service availability in cloud computing
TI - DDoS defence for service availability in cloud computing
UR - http://hdl.handle.net/11427/23391
ER -
[en_ZA]
dc.identifier.uri: http://hdl.handle.net/11427/23391
dc.identifier.vancouvercitation: Osanaiye OA. DDoS defence for service availability in cloud computing. [Thesis]. University of Cape Town, Faculty of Engineering & the Built Environment, Department of Electrical Engineering, 2016 [cited yyyy month dd]. Available from: http://hdl.handle.net/11427/23391 [en_ZA]
dc.language.iso: eng [en_ZA]
dc.publisher.department: Department of Electrical Engineering [en_ZA]
dc.publisher.faculty: Faculty of Engineering and the Built Environment
dc.publisher.institution: University of Cape Town
dc.subject.other: Electrical Engineering [en_ZA]
dc.title: DDoS defence for service availability in cloud computing [en_ZA]
dc.type: Doctoral Thesis
dc.type.qualificationlevel: Doctoral
dc.type.qualificationname: PhD [en_ZA]
uct.type.filetype: Text
uct.type.filetype: Image
uct.type.publication: Research [en_ZA]
uct.type.resource: Thesis [en_ZA]
Files
Original bundle
Name: thesis_ebe_2016_osanaiye_opeyemi_ayokunle.pdf
Size: 2.37 MB
Format: Adobe Portable Document Format