J4 ›› 2014, Vol. 41 ›› Issue (3): 116-122.doi: 10.3969/j.issn.1001-2400.2014.03.017

• Original Articles • Previous Articles     Next Articles

Cloud droplets freezing attack in cloud computing

WANG Yichuan;MA Jianfeng;LU Di;ZHANG Liumei;MENG Xianjia   

  1. (School of Computer Science and Technology, Xidian Univ., Xi'an  710071, China)
  • Received:2013-09-17 Online:2014-06-20 Published:2014-07-10
  • Contact: WANG Yichuan E-mail:ctechsky@gmail.com

Abstract:

This paper proposes a novel and practical distributed denial-of-service attack model—cloud droplets freezing attack, by studying the characteristics of the server cluster deployment in cloud computing context. Experimental results show that the attacker can control the infected virtual machine to launch the attack. Such an attack not only produces a serious congestion effect to the internal network bandwidth of cloud server clusters, but also exhausts physical host resources such as memory and CPU. To achieve effective denial-of-service attacks, the attack illegally occupies resources that are originally assigned to a legitimate virtual machine. Combined with the defense related technologies toward traditional denial-of-service attack and the quantitative analysis of the principle of the Cloud droplets attack, the paper discusses the Cloud droplets freezing defense methods.

Key words: cloud computing, distributed denial of service attack, network security, botnet

CLC Number: 

  • TP309