Distributed Denial of Service (DDoS) attacks are becoming more frequent, and their size is increasing rapidly every year. This increases the load on the networks of Internet Service Providers (ISPs) and many cloud computing providers. Cloud computing is an emerging technology that many providers have adopted, but it has many issues, and one of them is DDoS, the most prominent attack in this area of computing. DDoS is the single largest threat to the Internet and the Internet of Things, and the frequency and sophistication of DDoS attacks on the Internet are rapidly increasing.

In this article, we conduct an up-to-date review of essential cloud network threats and present a methodology for evaluating existing security proposals. Based on this, we introduce a comprehensive and up-to-date survey of proposals intended to make the network infrastructure highly secure, and we introduce new methods for detecting and mitigating routing instabilities. This generic countermeasure model can be used to prevent secondary victims and to prevent DDoS attacks. The taxonomies define various similarities and different patterns in DoS and DDoS attacks, configurations and functional tools, to assist in further improving network infrastructure security, and we propose a solution for countering DDoS attacks.

DDoS attacks can be classified further. Their primary aim is to congest the network with a massive amount of bandwidth utilization, which can disrupt the victim network.

Attack Classifications (Figure 1): Besides these classifications, all forms of attack fall under these two functions.

Connection-based attack: This type of attack is carried out over an established connection between a client and a server, using certain connection-oriented protocols.

Connection-less attack: An attack that doesn't require a standard protocol-based session to be formally established before a server can send "data packets" to a client. A data packet is typically a basic unit of communication information transferred over a digital network.

**Volumetric Attack:** The specific goal of this type of attack is to cause traffic congestion by sending data packets over the line until the available bandwidth is overwhelmed. Most of these attacks are executed using botnets. A botnet is a group of agent handlers in a DDoS attack that gives the attacker the ability to wage a much larger and wilder attack than a DoS attack while remaining anonymous on the Internet. A volumetric attack is measured by the number of received bits per second (bps).

**Protocol Attack:** In general, this type of attack focuses on actual web/DNS/FTP servers, core routers and switches, firewall devices and load balancers (LBs). It disrupts well-established connections and exhausts the limited number of concurrent sessions on the device. It is measured by the number of received packets per second (PPS).

**Application Layer Attack:** It is also known as a connection-oriented attack. Application attacks occur at Layer 7 of the OSI model. Most applications are vulnerable because they contain many loopholes. This type of attack is hard to detect because these sophisticated threats are generated from a limited number of attack machines and produce only a low traffic rate, which appears legitimate to the victim. It is measured by the number of received requests per second (RPS).
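The three metrics above (bps, PPS, RPS) can be monitored side by side so that a spike in one of them is attributed to the matching attack class, including an application-layer spike whose bit and packet rates still look normal. The Python below is an added example, not code from the original article; the smoothing factor, threshold multiplier, warm-up length and all traffic windows are constructed assumptions.

```python
from dataclasses import dataclass
METRICS = ("bps", "pps", "rps")
LABELS = {"bps": "volumetric", "pps": "protocol", "rps": "application-layer"}

@dataclass
class Window:
    seconds: float  # length of the measurement window
    bits: int       # counters received during the window
    packets: int
    requests: int
    def rates(self):
        totals = (self.bits, self.packets, self.requests)
        return {m: t / self.seconds for m, t in zip(METRICS, totals)}

class RateDetector:
    """Flags a window when a rate exceeds factor x its moving baseline."""
    def __init__(self, alpha=0.2, factor=4.0, warmup=3):
        # alpha, factor and warmup are assumed tuning values, not from the article.
        self.alpha, self.factor, self.warmup = alpha, factor, warmup
        self.baseline, self.clean_seen = {}, 0

    def observe(self, window):
        r = window.rates()
        flagged = []
        if self.clean_seen >= self.warmup:
            flagged = [LABELS[m] for m in METRICS if r[m] > self.factor * self.baseline[m]]
        if not flagged:
            # Only clean windows move the baseline, so an attack cannot become "normal".
            for m in METRICS:
                prev = self.baseline.get(m, r[m])
                self.baseline[m] = (1 - self.alpha) * prev + self.alpha * r[m]
            self.clean_seen += 1
        return flagged

# Constructed 10-second windows: three normal, one spike per metric, one normal.
SAMPLE = [
    Window(10, 2_000_000_000, 400_000, 15_000),
    Window(10, 2_100_000_000, 410_000, 15_500),
    Window(10, 1_900_000_000, 390_000, 14_500),
    Window(10, 10_000_000_000, 900_000, 15_000),   # bits spike
    Window(10, 3_440_000_000, 3_000_000, 15_000),  # packets spike
    Window(10, 2_300_000_000, 460_000, 90_000),    # requests spike
    Window(10, 2_000_000_000, 400_000, 15_000),
]

def run(windows=SAMPLE):
    detector = RateDetector()
    return [detector.observe(w) for w in windows]
```

In the requests-spike window the bit and packet rates are only about 1.15 times the baseline, so a bandwidth-only monitor would not alert on it.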
