Skip to Main content Skip to Navigation
Conference papers

Toward a Source Detection of Botclouds: A PCA-Based Approach

Abstract : Cloud computing security is often focused on data and users security and protection against external intrusions. However, it exists an area of cloud security that is often overlooked and that can have disastrous consequences: the conversion of cloud computing into an attack vector. Beyond a legitimate usage, the numerous advantages of cloud computing are exploited by attackers. Botnets supporting Distributed Denial of Service (DDoS) attacks are among the greatest beneficiaries of this malicious use. In this paper, we propose a novel source-based detection approach that aims at detecting the abnormal virtual machines behavior. The originality of our approach resides in (1) relying only on the system’s metrics of virtual machines and (2) considering a source-based detection. Our approach is based on Principal Component Analysis to detect anomalies that can be signs of botcloud’s behavior supporting DDoS flooding attacks. We also present the results of the evaluation of our detection algorithm.
Complete list of metadata

Cited literature [19 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Wednesday, November 23, 2016 - 10:25:16 AM
Last modification on : Sunday, June 26, 2022 - 4:35:53 AM
Long-term archiving on: : Tuesday, March 21, 2017 - 3:38:45 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Hammi Badis, Guillaume Doyen, Rida Khatoun. Toward a Source Detection of Botclouds: A PCA-Based Approach. 8th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2014, Brno, Czech Republic. pp.105-117, ⟨10.1007/978-3-662-43862-6_13⟩. ⟨hal-01401295⟩



Record views


Files downloads