Solutions for DDoS Attacks on Cloud Environment

The internet has become the key driver for virtually every organization’s growth, brand awareness, and operational efficiency. Unfortunately, cyber terrorists and organized criminals know this fact too. Using a Distributed Denial of Service attack, they can deny corporates and end-users internet access, make the website go slow, and deny access to corporate networks and data, making them unable to service legitimate users. It is not just these that are vulnerable; DDoS attacks are diversions. Due to the increased attack volume, collateral damage is becoming a major cause of concern – packet loss, delays, and high latency for internet traffic of those whose network traffic traverses the WAN saturated by a DDOS attack. DDOS attacks disrupt services and distract security resources, while other attacks, like fraudulent transactions, are attempted. Adaptive DDOS attacks are prevalent – attackers attack traffic on the fly to avoid identification and confuse mitigation plans. Reflective and Amplification attacks are most common – leveraging misconfigured DNS, NTP, and other network resources by spoofing source IP addresses. The bitter reality is that for cloud computing to be useful, it has to be exposed to insecure WANs and the public internet. With Cloud services presence being advertised and the interfaces defined, unauthorized attacks would always look to target the services.

Keywords: Cloud Computing, Cloud Security, CSP, Denial of Service, Scrubbing.