مجال
التميز
|
تميز دراسي و بحثي
|
البحوث المنشورة
|
|
البحث (1):
|
|
عنوان البحث:
|
Security of the Cloud
|
رابط إلى البحث:
|
Click here
|
تاريخ النشر:
|
31/03/2015
|
موجز عن البحث:
|
The
chapter presents current security concerns in the Cloud Computing
Environment. The cloud concept and operation raise many concerns for cloud
users since they have no control of the arrangements made to protect the
services and resources offered. Additionally, it is obvious that many of the
cloud service providers will be subject to significant security attacks. Some
traditional security attacks such as the Denial of Service attacks (DoS) and
distributed DDoS attacks are well known, and there are several proposed
solutions to mitigate their impact. However, in the cloud environment, DDoS
becomes more severe and can be coupled with Economical Denial of
Sustainability (EDoS) attacks. The chapter presents a general overview of
cloud security, the types of vulnerabilities, and potential attacks. The
chapter further presents a more detailed analysis of DDoS attacks’ launch
mechanisms and well-known DDoS defence mechanisms. Finally, the chapter
presents a DDoS-Mitigation system and potential future research directions.
|
|
|
البحث (2):
|
|
عنوان البحث:
|
Simulation-Based
Study of Distributed Denial of Service Attacks Counteract in the Cloud
Services
|
رابط إلى البحث:
|
Click here
|
تاريخ النشر:
|
04/05/2016
|
موجز عن البحث:
|
Network availability is threatened by the
traditional Denial of Service (DoS) and Distributed Denial of Service (DDoS)
attacks. The risk is much increased with the emergence of the new computing
paradigm of cloud computing. In this era, DDoS attacks can threaten the cloud
sustainability by hitting its pricing model exploiting the cloud scalability
feature. Therefore, a new phenomenon is emerged as a result of launching DDoS
attacks against the cloud customers. It is called Economic Denial of
Sustainability (EDoS). It is no more than an economic version of DDoS attack
sharing its mechanism but different in the final aim. In order to defeat DDoS
and EDoS attacks, the filtering firewalls can play main role in this regard.
This paper is an extended version of a previous work that invented by the
authors which introduced a new technique to mitigate the impacts of such
attacks depending on the firewall features in managing a verification process
to maintain the targeted system. The proposed framework is known as Enhanced
DDoS- Mitigation System (Enhanced DDoS-MS). The firewalls characteristics are
evaluated using OPNET simulation tool. The results showed that the firewall
is effective in mitigating the DDoS impacts by limiting the response time,
throughput, server load, and the traffic sent and received under attack. The
paper also suggests using an active test bed for evaluating the proposed
framework in a real manner.
|
المؤتمرات العلمية:
|
|
المؤتمر (1):
|
|
عنوان المؤتمر:
|
The 7th International Conference on Next
Generation Mobile Applications, Services and Technologies (NGMAST 2013)
|
تاريخ الإنعقاد:
|
26/09/2013
|
مكان
الإنعقاد:
|
Prague
– Czech Republic
|
طبيعة المشاركة:
|
Oral
Presentation
|
عنوان المشاركة:
|
An
Enhanced Economical Denial of Sustainability Mitigation System for the Cloud
|
ملخص المشاركة:
|
In the cloud era, security has
become a renewed source of concerns. Distributed Denial of Service (DDoS) and
the Economical Denial of Sustainability (EDoS) that can affect the
pay-per-use model, which is one of the most valuable benefits of the cloud,
can again become very relevant especially with the introduction of new
policies in enterprises such as the “Bring Your Own Device” (BYOD).
Therefore, this paper presents a
novel framework called Enhanced DDoS- Mitigation System (Enhanced DDoS-MS)
which is a step further of our previous framework (DDoS-MS) that can be used
to encounter EDoS attacks by testing the first packet from the source of
requests (legitimate or malicious) to establish the legitimacy of the source
using a Graphical Turing Test (GTT). It differs from the (DDoS-MS) in several
aspects such as the using of puzzles as a reactive step, replacing the
overlay filtering system by the Reverse Proxy in hiding the location of the
protected servers, and changing the method of verifying the users in a way
that can encounter the persistent attackers.
To achieve this, it monitors the
remaining packets using an Intrusion Prevention System (IPS) and a Reverse
Proxy (RP) server. Then it delays the requests of the suspicious users using
Crypto Puzzles.
The
novelty of the proposed framework lies in decreasing the end-to-end latency
for the legitimate user by testing only their first packet. We use a layered defence
system that checks the legitimacy of the users, their packets’ integrity, and
their traffic rate. Moreover, the proposed framework intends to hide the
location of the protected servers to enhance their security.
|
المؤتمر (2):
|
|
عنوان المؤتمر:
|
The 14th Annual Post Graduate Symposium on
the Convergence of Telecommunications, Networking and Broadcasting
(PGNet2013)
|
تاريخ الإنعقاد:
|
25/06/2013
|
مكان
الإنعقاد:
|
Liverpool
– UK
|
طبيعة المشاركة:
|
Oral
Presentation
|
عنوان المشاركة:
|
A
New Method to Mitigate the Impacts of Economical Denial of Sustainability
Attacks Against the Cloud
|
ملخص المشاركة:
|
In the cloud era, security has
become a renewed source of concerns. Distributed Denial of Service (DDoS) and
the Economical Denial of Sustainability (EDoS) that can affect the
pay-per-use model, which is one of the most valuable benefits of the cloud,
can again become very relevant especially with the introduction of new
policies in enterprises such as the “Bring Your Own Device” (BYOD). The
hypothesis is that the attacks can exploit the IAM (Identity and Access
Management) vulnerabilities in the BYOD implementation in the enterprises
which are customers for the cloud. Attackers can gain access to the internal
network of an enterprise to generate EDoS attacks against the cloud by
exploiting the absence of a unified management of heterogeneous platforms of
the devices which are used in the BYOD environment. This can affect the
enterprise itself (Direct DDOS) or other enterprises using the cloud service
provider (Indirect DDOS).
Therefore, this paper presents a
novel framework called DDoS- Mitigation System (DDoS-MS) which can be used to
encounter EDoS attacks by testing two packets from the source of requests
(legitimate or malicious) to establish the legitimacy of the source. It uses
two types of examinations, Graphic Turing Test (GTT) and Crypto Puzzles.
The novelty of the proposed framework
lies in testing only two packets from any source instead of testing all
packets. This will decrease the end-to-end latency. Moreover, we use two
types of tests; one authenticates the user while the other authenticates the
packet.
|
المؤتمر (3):
|
|
عنوان المؤتمر:
|
The 9th International Conference on Next
Generation Mobile Applications, Services and Technologies (NGMAST 2015)
|
تاريخ الإنعقاد:
|
11/09/2015
|
مكان
الإنعقاد:
|
Cambridge
– UK
|
طبيعة المشاركة:
|
Paper
Presentation
|
عنوان المشاركة:
|
Denial
of Service Attacks Mitigation in the Cloud
|
ملخص المشاركة:
|
Denial of Service attack (DoS) forms a permanent
risk to the traditional networks and the cloud environment. This malicious
attack can be amplified by Distributed Denial of Service (DDoS) attacks.
Moreover, the cloud payment model can be affected by such attacks exploiting
the cloud scalability. In this case, it is called Economical Denial of
Sustainability (EDoS) attack. This study introduces an effective solution
that is designed to counteract such attacks and protect targeted networks.
The proposed framework is called Enhanced DDoS-Mitigation System (Enhanced
DDoS-MS). This method is tested practically and the test’s results proved the
success of the framework in limiting the end-to-end response time and
handling complex versions of these attacks on multiple layers.
|
المؤتمر (4):
|
|
عنوان المؤتمر:
|
The 9th International Conference on Next
Generation Mobile Applications, Services and Technologies (NGMAST 2015)
|
تاريخ الإنعقاد:
|
09/09/2015
|
مكان
الإنعقاد:
|
Cambridge
– UK
|
طبيعة المشاركة:
|
Paper
Presentation
|
عنوان المشاركة:
|
Simulation-Based
Study of Distributed Denial of Service Attacks Prevention in the Cloud
|
ملخص المشاركة:
|
Distributed
Denial of Service (DDoS) attacks can affect the availability of the networks.
In the age of cloud computing, these attacks are being more harmful in terms
of their common influences and their new effects that harm the cloud
sustainability by exploiting its scalability and payment model
(pay-as-you-use). Therefore, a new form of DDoS attacks is introduced in the
cloud context as an economical version of such attack. This new form is known
as Economical Denial of Sustainability (EDoS) attack. To counteract such
attacks, traditional network security means are used. Specifically, the
firewalls that are working as filters for the incoming packets to the targeted
network according to designated rules by the administrators can mitigate the
impacts of DDoS and EDoS attacks. In this paper, a new solution called
Enhanced DDoS- Mitigation System (Enhanced DDoS-MS) is proposed to encounter
these attacks by utilizing the firewall capabilities in controlling a
verification process to protect the targeted system. These capabilities are
evaluated in a simulation environment. The results proved that the firewall
mitigates the DDoS impacts successfully by improving the provided services to
the users in terms of the response time and server load under attack. The
study also suggests following implementation for the proposed framework with
an active testbed.
|