A Study of Very Short Intermittent DDoS Attacks on the Performance of Web Services in Clouds

Author

Huasong Shan, Louisiana State University and Agricultural and Mechanical CollegeFollow

Degree

Doctor of Philosophy (PhD)

Department

Computer Science and Engineering

Document Type

Dissertation

Abstract

Distributed Denial-of-Service (DDoS) attacks for web applications such as e-commerce are increasing in size, scale, and frequency. The emerging elastic cloud computing cannot defend against ever-evolving new types of DDoS attacks, since they exploit various newly discovered network or system vulnerabilities even in the cloud platform, bypassing not only the state-of-the-art defense mechanisms but also the elasticity mechanisms of cloud computing.

In this dissertation, we focus on a new type of low-volume DDoS attack, Very Short Intermittent DDoS Attacks, which can hurt the performance of web applications deployed in the cloud via transiently saturating the critical bottleneck resource of the target systems by means of external attack HTTP requests outside the cloud or internal resource contention inside the cloud. We have explored external attacks by modeling the n-tier web applications with queuing network theory and implementing the attacking framework based-on feedback control theory. We have explored internal attacks by investigating and exploiting resource contention and performance interference to locate a target VM (virtual machine) and degrade its performance.

Date

11-9-2017

Recommended Citation

Shan, Huasong, "A Study of Very Short Intermittent DDoS Attacks on the Performance of Web Services in Clouds" (2017). LSU Doctoral Dissertations. 4145.
https://repository.lsu.edu/gradschool_dissertations/4145

Committee Chair

Wang, Qingyang

DOI

10.31390/gradschool_dissertations.4145