Cloud Computing

Basic Definition• When we store your photos online instead of on

your home computer, or use webmail or a social networking site, we are using a “cloud computing” service. If we are an organization, and you want to use, for example, an online invoicing service instead of updating the in-house one we have been using for many years, that online invoicing service is a “cloud computing” service. Basically it is on network sharing of resources.

Deployment of cloud services:

• Generally speaking, services provided by a public cloud are offered over the Internet and are owned and operated by a cloud provider. Some examples include services aimed at the general public, such as online photo storage services, e-mail services, or social networking sites. However, services for enterprises can also be offered in a public cloud.

• In a private cloud, the cloud infrastructure is operated solely for a specific organization, and is managed by the organization or a third party.

• In a community cloud, the service is shared by several organizations and made available only to those groups. The infrastructure may be owned and operated by the organizations or by a cloud service provider

Service Models

• Infrastructure as a Service•Platform as a Service• Software as a Service

Private Cloud Implementation• We first need to understand the architecture:

DDOSDistributed Denial Of Service Attack

Distributed Denial of Service Attack

• In computing, a denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users.

• Although the means to carry out, the motives for, and targets of a DoS attack vary, it generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.

• As clarification, distributed denial-of-service attacks are sent by two or more persons, or bots, and denial-of-service attacks are sent by one person or system. As of 2014, the frequency of recognized DDoS attacks had reached an average rate of 28 per hour.

Algorithm Used

•Traffic Analyzer.•Entropy Profiling.•Shannon Weiner Index.

Traffic Analyzer Input: Incoming Packets• Output: Network traffic condition• BEGIN• FOR each time period, t• Packets are logged at traffic analyzer for traffic rate

computation• IF (Traffic Rate <= Link capacity)• Alert “Normal (obtuse) Traffic condition”• ELSE• Alert “Abnormal (Acute) Traffic condition”• Forward Packets to Level 2.• END IF• END FOR• END

Entropy Profiling• Input: Buffered packets of traffic analyzer, TRIAL phase• Output: Cause of overload• BEGIN• Buffered packets at traffic analyzer are logged to• MONITOR phase• Difference between the phases yields Kullback Leibler• SET Threshold ()

IF (HD <= Threshold)

• Alert “overload is a cause of legitimate (Flash crowd)”• ELSE• Alert “overload is a cause of attack sources (DDoS)”• END IF• END•

Shannon Weiner Index• Shannon Weiner Index is used for detecting level of DDoS.• IF (DDoS)• Calculate Index• Print Level of DDoS• END IF• END