Preventing Denial-Of-Service Attack Using Elgamal Cryptography in Cloud Computing

Title:        Preventing Denial-of-Service attack Using Elgamal Cryptography in Cloud         Computing.

Leader                : Standley anak Peter Gury (49091)

Members        : Nurul Husna bt Muhd Radzi (53476)

                  Martin Boyd Diwik (52435)

                  Angelyn Bija anak Jamba (51220)

                  Anne Vanessa Melia anak Jannis (51235)

                  Norafaraliza binti Rosdi (52980)

                  Prescilia Elsie anak Honchin (53600)

                  Nora Syahirah binti Aris (52977)

                  Syed Yusuf bin Wan Habib Abdul Rahman (55088)

                  Norfarahim Norazhar (54861)

                  Nik Nurshahirah binti Nik Sabri (37509)

[pic 1]

figure 1: Network Model Diagram

Problem statement:

1. Denial-of-Service attack

Proposed solution:

There are several solutions that had been proposed by several authors. The 1st solution was a solution proposed by Jin, Wang and Shin (2003) which was a filtering technique which aim to discard spoofed IP packets. By applying the filtering techniques, through analysis using network measurement data, it’s found that that Hop-Count Filtering is identified close to 90% of spoofed IP packets, and is discarded with little collateral damage. They implement and evaluate Hop-Count Filtering in the Linux kernel, demonstrating its benefits using experimental measurements. As we already know, Denial-of-Service attacks has been exploiting IP spoofing to conceal the localities of the incoming flooding traffic thus coax legitimate hosts into becoming reflectors, redirecting and amplifying flooding traffic. Thus, the ability to filter spoofed IP packets near victims is essential to their own protection as well as to their avoidance of becoming involuntary Denial of Service reflectors.

Another solution that was proposed by Mohd Nazri Ismail et al. (2011) is by overcoming the problem in the attack detection stage using covariance matrix statistical method and attack source Time-To-Live (TTL) value counting method, the attack prevention will be based on Honeypot mechanism which is to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information system. Generally, a honeypot consists of data that appears to be a legitimate part of the site, but is actually isolated and monitored, and that seems to contain information or a resource of value to attackers, who are then blocked. This method is similar to the police baiting a criminal method and thus has shown to be efficient in disabling the Denial-of-Service attacks in the cloud environment. However, the proposed techniques above alone aren’t enough to secure cloud computing thus we proposed a solution to compliment the above techniques by implementing elgamal cryptography technique to secure cloud computing.

...