EAI Endorsed Transactions on Security and Safety 18(13): e2

Research Article

Attribution of Economic Denial of Sustainability Attacks in Public Clouds

Download10 downloads
  • @ARTICLE{10.4108/eai.4-1-2018.153525,
        author={Mohammad Karami and An Wang and Songqing Chen},
        title={Attribution of Economic Denial of Sustainability Attacks in Public Clouds},
        journal={EAI Endorsed Transactions on Security and Safety},
        volume={18},
        number={13},
        publisher={EAI},
        journal_a={SESA},
        year={2018},
        month={1},
        keywords={Economic Denial of Sustainability, EDoS Detection, Markov Chain, Hidden semi Markov Model},
        doi={10.4108/eai.4-1-2018.153525}
    }
    
  • Mohammad Karami
    An Wang
    Songqing Chen
    Year: 2018
    Attribution of Economic Denial of Sustainability Attacks in Public Clouds
    SESA
    EAI
    DOI: 10.4108/eai.4-1-2018.153525
Mohammad Karami1, An Wang2,*, Songqing Chen2
  • 1: Google, work performed while at George Mason University
  • 2: Department of Computer Science, George Mason University
*Contact email: anwang10@masonlive.gmu.edu

Abstract

The cloud pricing model leaves cloud consumers vulnerable to Economic Denial of Sustainability (EDoS) attacks. In this type of attacks, an adversary first identifies web resources with high levels of cloud resource consumption, and then uses a botnet of compromised hosts to make fraudulent requests to these costly web resources. The attacker’s goal is to disrupt the economical sustainability of the victim by inflicting cost through fraudulent consumption of billable cloud resources. In this paper, we propose two different Markov-based models to profile the behavior of legitimate users in terms of their resource consumption and the resource request patterns to detect malicious sources engaged in fraudulent use of cloud resources. Our experimental evaluation results demonstrate the effectiveness of the proposed attribution methodology for identifying malicious sources participating in EDoS attacks.