Distributed Denial of Services Attacks on Cloud Servers: Detection, Analysis and Mitigation


  • Sudesh Pahal MSIT
  • Anjana Saroha




Security, Denial of Service, Flood Attacks


Today, most of the IT companies are moving towards Cloud infrastructure and technology due to its flexibility, scalability, and cost-effective features. But security is still the main hinderance to accept cloud computing on large scale. There are many security issues related to cloud implementation and one of the major threats is Distributed Denial of Services (DDoS) attack on cloud servers and applications. DDoS attack is a most prevailing security issue where attacker’s intention is to make all victim’s resources like cloud servers, storage, bandwidth etc. unavailable to general user which results to dissatisfactory outcomes in related business. This paper emphasis on understanding of DDoS attacks, their detection and analysis. The paper also explores the possible mitigation strategies to reduce the impact of DDoS.


Anjana & Ajit Singh, Security concerns and countermeasures in cloud computing: a qualitative analysis International Journal of Information Technology volume 11, pages683–690(2019), 28 February 2018(Original)

G. Carl, G. Kesidis, R. R. Brooks and Suresh Rai, "Denial-of-service attack-detection techniques," in IEEE Internet Computing, vol. 10, no. 1, pp. 82-89, Jan.-Feb. 2006.

Hadeel S Obaid, International Journal of Engineering Research & Technology (IJERT) http://www.ijert.org ISSN: 2278-0181 Published by :Vol. 9 Issue 03,pp 631-636, March-2020

Mohammad Masdari* and Marzie Jalali,A survey and taxonomy of DoS attacks in cloud computing, SECURITY AND COMMUNICATION NETWORKS Security Comm. Networks 2016 in Wiley Online Library (wileyonlinelibrary.com); Vol. 9, pp 3724–3751,DOI: 10.1002/sec.1539, Published online 13 July 2016

Yu S. Distributed Denial of Service Attack and Defence. Springer: London, UK, 2014.

Esrra Alomari et al.Botnet-based Distributed Denial of Service (DDoS) Attacks on Web Servers: Classification and Art, International Journal of Computer Applications (0975 – 8887), Volume 49– No.7, July 2012

S. M. Specht and R. B. Lee, "Distributed denial of service: Taxonomies of attacks, tools, and countermeasures," in the Proceedings of the international Workshop on Security in Parallel and Distributed Systems, 2004, pp. 543-550.

K. J. Houle, "Trends in Denial of Service Attack Technology," CERT Coordination Center, Carnegie Mellon Software Engineering Institute, oct 2001.

V. Company, "Distributed Denial of Service (DDoS) and Botnet Attacks," An iDefense Security Report, 2006.

A Mishra, BB Gupta, RC Joshi, ―A Comparative Study of Distributed Denial of Service Attacks, Intrusion Tolerance and Mitigation Techniques," In the proc. of European Intelligence and Security Informatics Conference (EISIC-2011), , pp. 286-289, 2011.

P. Bächer, et al., "Know your enemy: Tracking botnets,” The Honeynet Project and Research Alliance, Tech. Rep,2005.

Esrra Alomari et al.,A Survey of Botnet-Based DDoS Flooding Attacks of Application Layer: Detection and Mitigation Approaches,Handbook of Research on Modern Cryptographic Solutions for Computer and Cyber SecurityChapter: 3Publisher: IGI GlobalEditors: Brij Gupta, Dharma P. Agrawal, Shingo Yamaguchi, DOI: 10.4018/978-1-5225-0105-3.ch003, May,2016

Suliman, A., Shankarapani, M. K., Mukkamala, S., & Sung, A. H. (2008). RFID malware fragmentation attacks. Paper presented at the collaborative technologies and systems, 2008. Cts 2008. International symposium on.

Aiello, M., Papaleo, G., & Cambiaso, E. (2014). Slowreq: A weapon for cyberwarfare operations. Characteristics, limits, performance, remediations. Paper presented at the International Joint conference Soco’13-cisis’13-iceute’13.

Bethencourt, J., Franklin, J., & Vernon, M. (2005). Mapping internet sensors with probe response attacks.Paper presented at the usenix security.

Damon, E., Dale, J., Laron, E., Mache, J., Land, N., & Weiss, R. (2012). Hands-on denial of service lab exercises using slowloris and rudy. Paper presented at the proceedings of the 2012 information security curriculum development conference.

Yu, J., Fang, C., Lu, L., & Li, Z. (2010). Mitigating application layer distributed denial of service attacks via effective trust management. IET Communications, 4(16), 1952-1962.

Ali, S. T. (2009). Throttling ddos attacks using integer factorization and its substantiation using enhanced web stress tool. National Institute of Technology Karnataka Surathkal.

Zhou, Y., & Jiang, X. (2012). Dissecting android malware: Characterization and evolution. Paper presented at the security and privacy (sp), 2012 IEEE symposium on.

J. Rosenberg, et al, "RFC 3261 SIP: Session initiation protocol", 2002. Available at: www.ietf.org

V. Paxson, "An analysis of using reflectors for distributed denial-of-service attacks," ACM SIGCOMM Computer Communication Review, vol. 31, pp. 38-47,2001.

Douligeris C, Mitrokotsa A. DDoS attacks and defense mechanisms: classification and state-of-the-art.Computer Networks 2004; 44(5): 643–666.

Harrison K, White G. A taxonomy of cyber events affecting communities. In System Sciences (HICSS),2011 44th Hawaii International Conference on. IEEE, 2011.

D. C. Wyld, et al., "Trends in Network and Communications," International Conferences, NeCOM, 197: Springer, 2011.

M. Zelkowitz, "New programming paradigms," vol. 64,Academic Press, 2005.

Glenn Carl and George Kesidis et al., Denial-of-Service Attack-Detection Techniques,Published by the IEEE Computer Society,IEEE INTERNET COMPUTING, JANUARY • FEBRUARY 2006

D. Moore, G.M. Voelker, and S. Savage, “Inferring Internet Denial-of-Service Activity,” Proc. Usenix Security Symp.,Usenix Assoc., 2001; http://citeseer.ist.psu.edu/moore01inferring.html.

P. Barford et al., “A Signal Analysis of Network Traffic Anomalies,” Proc. ACM SIGCOMM Internet Measurement Workshop, ACM Press, 2002, pp. 71–82.

R.B. Blazek et al., “A Novel Approach to Detection of ‘Denial-of-Service’ Attacks via Adaptive Sequential and Batch-Sequential Change-Point Detection Methods,” Proc.IEEE Workshop Information Assurance and Security, IEEE CS Press, 2001, pp. 220–226.

H. Wang, D. Zhang, and K. Shin, “Detecting SYN Flooding Attacks,” Proc. 21st Joint Conf. IEEE Computer and Comm. Societies (IEEE INFOCOM), IEEE Press, 2002, pp.1530–1539

Patcha, A., & Park, J.-M. (2007). An overview of anomaly detection techniques: Existing solutions and latest technological trends. Computer Networks, 51(12), 3448-3470.

Xie, Y., & Yu, S.-Z. (2009). Monitoring the application-layer ddos attacks for popular websites. Networking, IEEE/ACM Transactions on, 17(1), 15-25.

Yatagai, T., Isohara, T., & Sasase, I. (2007). Detection of http-get flood attack based on analysis of page access behavior. Paper presented at the communications, computers and signal processing, 2007. Pacrim 2007. IEEE pacific rim conference on.

Lin, H., Lee, C.-Y., Liu, J.-C., Chen, C.-R., & Huang, S.-Y. (2010). A detection scheme for flooding attack on application layer based on semantic concept. Paper presented at the computer symposium (ics), 2010 international.

Choi, s., Kim, I.-K., Oh, J.-T., & Jang, J.-S. (2012). Aigg threshold based http get flooding attack detection. In Information security applications (pp. 270-284). Springer.

Pimentel, A., Clifton, D. A., Clifton, L., & Tarassenko, L. (2014). A review of novelty detection. Signal Processing, 99, 215–249. doi:10.1016/j.sigpro.2013.12.026

Rexroad, B., & van der Merwe, J. (2010). Network security–A service provider view. In Guide to reliable internet services and applications (pp. 447-515). Springer.

Owezarski, P. (2009). Implementation of adaptive traffic sampling and management, path performance. Academic Press.

Wen, S., Jia, W., Zhou, W., Zhou, W., & Xu, C. (2010). Cald: Surviving various application-layer ddos attacks that mimic flash crowd. Paper presented at the network and system security (nss), 2010 4th international conference on.

Kandula, S., Katabi, D., Jacob, M., & Berger, A. (2005). Botz-4-sale: Surviving organized ddos attacks that mimic flash crowds. Paper presented at the 2nd conference on symposium on networked systems design & implementation.

Stavrou, A., Cook, D. L., Morein, W. G., Keromytis, A. D., Misra, V., & Rubenstein, D. (2005). Websos: An overlay-based system for protecting web servers from denial of service attacks. Computer Networks, 48(5), 781-807.

Gummadi, R., Balakrishnan, H., Maniatis, P., & Ratnasamy, S. (2009). Not-a-bot: Improving service availability in the face of botnet attacks. Paper presented at the NSDI.

Djalaliev, P., Jamshed, M., Farnan, N., & Brustoloni, J. (2008). Sentinel: Hardware-accelerated mitigation of bot-based ddos attacks. Paper presented at the computer communications and networks, 2008. Icccn’08. 17th international conference on.

M. Glenn, "A summary of dos/ddos prevention, monitoring and mitigation techniques in a service provider environment," SANS Institute, 2003.

J. Molsa, "Effectiveness of rate-limiting in mitigating flooding DOS attacks," In International Conference on Communications, Internet, and Information Technology, pp. 155-160, 2004.

M. El-Soudani and M. A. Eissa, "Cooperative defense Firewall Protocol, "In Security and Privacy in the Age of Uncertainty, pp. 373-384, 2003.

Lua and K. C. Yow, "Mitigating DDoS attacks with transparent and intelligent fast-ux swarm network," Network, IEEE, vol. 25, no. 4, pp.28-33, 2011.

Additional Files