Simulation-Based Study of Distributed Denial of Service Attacks Prevention in the Cloud

Distributed Denial of Service (DDoS) attacks can affect the availability of the networks. In the age of cloud computing, these attacks are being more harmful in terms of their common influences and their new effects that harm the cloud sustainability by exploiting its scalability and payment model (pay-as-you-use). Therefore, a new form of DDoS attacks is introduced in the cloud context as an economical version of such attack. This new form is known as Economical Denial of Sustainability (EDoS) attack. To counteract such attacks, traditional network security means are used. Specifically, the firewalls that are working as filters for the incoming packets to the targeted network according to designated rules by the administrators can mitigate the impacts of DDoS and EDoS attacks. In this paper, a new solution called Enhanced DDoS-Mitigation System (Enhanced DDoS-MS) is proposed to encounter these attacks by utilizing the firewall capabilities in controlling a verification process to protect the targeted system. These capabilities are evaluated in a simulation environment. The results proved that the firewall mitigates the DDoS impacts successfully by improving the provided services to the users in terms of the response time and server load under attack. The study also suggests following implementation for the proposed framework with an active testbed.