Abstract

Distributed Denial of Service (DDoS) attacks are aimed at exhausting various resources of victim hosts, thereby preventing legitimate usage of their computational capabilities. DDoS attacks are often launched by organized crime, hacktivists, or other (un)usual suspects, making this type of cyber crime a major concern for many organizations around the world. Performance plays an important role in cloud computing. Cloud is known for its availability of resources that makes it as leading computing platform. In this paper, the aim is to develop a collaborative defense framework against DDoS attacks in cloud. We focus on two main phases, which are anomaly detection and filtering of malicious traffic, to achieve a successful defense against DDoS attacks. Firstly, in order to detect the stealthy DDoS attack at an early stage, we proposed an effective detection scheme based on time-series decomposition method. Secondly, current defense systems are not scalable well to high-speed networks and few of them are able to defend against attacks originated from both spoofed and genuine source addresses.