Analysis of the availability of Infrastructure-as-a-Service-based cloud computing
Abstract
Cloud computing has become pervasive in organizations worldwide. A primary
concern with the Cloud is security, especially the threat to availability posed by Denial of
Service (DoS) and Distributed Denial of Service (DDoS) attacks. The evolving nature
of these attacks, which use reflectors and amplifiers, eliminates the need for the attacker to
have access to huge resources.
We created a Cloud environment using OpenStack and examined the availability
of each building block component of the Cloud. Our experiments revealed
vulnerabilities that led to availability issues in the Advanced Message Queuing Protocol
(AMQP) message broker service, for which the OpenStack default is RabbitMQ.
Our experimentation showed that it is possible to launch an amplification attack on
RabbitMQ, which crashed the Cloud infrastructure.
Our study showed that datasets used to consider the impact of a DoS attack
include only network variables. Hence, the resulting solutions
to detect or prevent DoS attacks are built by testing them against these datasets.
Using our infrastructure, we created a dataset with a series of systematic attacks in
the Cloud that captured over 230 variables from seven different resource categories,
such as processing and memory.
We studied the impact of DoS attacks (specifically TCP flood attacks) across
different resource categories. We found attacks more impactful when the victim
and attacker co-reside in the same cloud. Additionally, our work allowed us
to understand the combinations of packet flag and payload size that an attacker
can devise for the maximum impact on the victim. Our results contain previously
unknown insights, such as the fact that relatively smaller DoS packets could result in
a larger impact on the victims. We also identified the most impacted system metrics,
which would allow Cybersecurity software developers to build better and optimal
(D)DoS monitoring and detection tools. We also proposed a metric to quantify
the impact of a DoS attack considering the Cloud’s infrastructure and the various
resource categories.