DDoS attacks in cloud computing: Collateral damage to non-targets.

The effects of distributed denial-of-service (DDoS) attacks on cloud computing are not very similar to those in traditional “fixed” on-premise infrastructure. In the context of DDoS attacks in multi-tenant clouds, we argue that, instead of just the victim server, multiple other stakeholders are also involved. Some of these important stakeholders are co-hosted virtual servers, physical servers, network resources, and cloud service providers. In this paper, we show through system analysis, experiments, and simulations that these stakeholders are collaterally affected, even though they are not the real targets of the attack. Damages/effects to these stakeholders include performance interference, web service performance, resource race, indirect EDoS (economic denial of sustainability), service downtime, and business losses. The result of our cloud-scale experiment revealed that overall energy consumption and the number of VM migrations are adversely affected owing to DDoS/EDoS attacks. To the best of our knowledge, this work is the first novel contribution in regard to the effect characterization on non-targets in the cloud computing space. We make an effort to identify the targets of these effects and their origins, such as auto-scaling, multi-tenancy, and accounting in the cloud. We argue that there is an immense need to relook at the DDoS solutions in the cloud space where efforts are needed to minimize these effects. Finally, we have identified the detailed requirements of mitigation solutions to DDoS attacks in the cloud with an aim to minimize these effects. We provide an ideal solution design by taking characterization outcomes as important building blocks.