Toward a Source Detection of Botclouds: A PCA-Based Approach

Abstract: Cloud computing security is often focused on data and user security and protection against external intrusions. However, there is an area of cloud security that is often overlooked and that can have disastrous consequences: the conversion of cloud computing into an attack vector. Beyond legitimate usage, the numerous advantages of cloud computing are exploited by attackers. Botnets supporting Distributed Denial of Service (DDoS) attacks are among the greatest beneficiaries of this malicious use. In this paper, we propose a novel source-based detection approach that aims at detecting abnormal virtual machine behavior. The originality of our approach resides in (1) relying only on the system metrics of virtual machines and (2) considering a source-based detection. Our approach is based on Principal Component Analysis to detect anomalies that can be signs of botcloud behavior supporting DDoS flooding attacks. We also present the results of the evaluation of our detection algorithm.
Document type:
Conference paper
Anna Sperotto; Guillaume Doyen; Steven Latré; Marinos Charalambides; Burkhard Stiller. 8th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2014, Brno, Czech Republic. Springer, Lecture Notes in Computer Science, LNCS-8508, pp.105-117, 2014, Monitoring and Securing Virtualized Networks and Services. 〈10.1007/978-3-662-43862-6_13〉

Cited literature [19 references]

https://hal.inria.fr/hal-01401295
Contributor: Hal Ifip
Submitted on: Wednesday, November 23, 2016 - 10:25:16
Last modified on: Tuesday, February 27, 2018 - 14:40:04
Document(s) archived on: Tuesday, March 21, 2017 - 03:38:45

File

978-3-662-43862-6_13_Chapter.p...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Hammi Badis, Guillaume Doyen, Rida Khatoun. Toward a Source Detection of Botclouds: A PCA-Based Approach. Anna Sperotto; Guillaume Doyen; Steven Latré; Marinos Charalambides; Burkhard Stiller. 8th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2014, Brno, Czech Republic. Springer, Lecture Notes in Computer Science, LNCS-8508, pp.105-117, 2014, Monitoring and Securing Virtualized Networks and Services. 〈10.1007/978-3-662-43862-6_13〉. 〈hal-01401295〉
