Cloud based Distributed Denial of Service Alleviation System

Cloud computing is a phenomenon that is changing information technology, with many companies no longer having data and resources retained within their own premises. Instead they are utilising cloud computing and its centralised resources. There are many benefits of this approach such as pay-per-use model, elasticity of operation and on demand resourcing. However, this approach also introduces additional security challenges. Security involves a triad of considerations, those being confidentiality, integrity and availability, often abbreviated to CIA. This work focusses on the last aspect of the CIA triad – availability, which is even more crucial for cloud-based platforms as centralised resources need to be provided at a distance to the end customers. Several factors including ‘denial of service’ attack impact availability. Moreover, current protection frameworks do not sufficiently consider the issues of verification, scalability and end-to-end latency. Hence, a new framework has been designed to fill the identified gap. The framework referred to as the cloud-based Distributed Denial of Service Alleviation System (DDoSAS) is based on its predecessor Enhanced DDoS-MS. The new framework has been implemented using Amazon Web Services. The work serves to provide a baseline for measuring end-to-end latency in real-life scenarios.