International Journal of Research

Cloud Computing allows customers to access cloud resources and services. On-demand, self-service and pay-by-use business model are adapted for the cloud resource sharing process. Service level agreements (SLA) regulate the cost for the services that are provided for the customers. Cloud data centers are employed to share data values to the users. Denial-of-Service (DoS) attack is an attempt by attacker to prevent legitimate users from using resources. Distributed Denial of Service (DDoS) Attacks are generated in a “many to one” dimension. In DDoS attack model Large number of compromised host are gathered to send useless service requests, packets at the same time .DoS and DDoS attacks initiates the service degradation, availability and cost problems under cloud service providers.

Brute-force attacks are raised against through specific periodic, pulsing and low-rate traffic patterns. Rate-controlling, time-window, worst-case threshold and pattern-matching are adapted to discriminate the legitimate and attacker activities. Stealthy attack patterns are raised against applications running in the cloud. Slowly-Increasing- Polymorphic DDoS Attack Strategy (SIPDAS) can be applied to initiate application vulnerabilities. SIPDAS degrades the service provided by the target application server running in the cloud. Polymorphic attacks changes the message sequence at every successive infection to avoid signature detection process. Slowly-increasing polymorphic behavior induces enough overloads on the target system. XML-based DoS (XDoS) attacks to the web-based systems are applied as the testing environment for the attack detection process.