Performance Analysis of Cloud Computing under the Impact of Botnet Attack

Transcription

1 Performance Analysis of Cloud Computing under the Impact of Botnet Attack Malvinder Singh Bali (Research scholar) a, Shivani Khurana (Guide) b * Department of Computer Science and Engineering CTIEMT, Shahpur Jalandhar, India, a [email protected] Abstract Cloud Computing is a model in which customers plug into the Cloud to access I.T resources which are provided on demand & charged as per use to enhance performance and speed. But maintaining the performance of cloud computing has become the biggest challenge for cloud researchers and the performance issues like Latency at the cloud and network end are deteriorating cloud performance. Researchers have worked to eradicate latency at cloud and network end by proposing some of the counter measures. But there is still a loop hole at the user end which is liable to get attacked by intruders causing service disruption which can enhance latency problems. In this paper we have presented the domains in cloud affected by performance with related work done so far. Secondly how latency issues like service disruption attacks at user end hamper the performance of cloud. For this, a Dos based attack has been applied on existing cloud based security model and performance has been evaluated by analyzing the calculated results to see the overall effect of attack on the cloud. Keywords: Cloud Computing, Latency, Botnet, Performance, Availability, DDoS. 1. Introduction to Cloud Computing Cloud is reference to work done on remote computers through a widely connected network-for all practical purposes, the Internet. The Cloud is a reference to the Fuzzy spots across a global network from where you may be accessing files or getting some data crunching done. Today Cloud Computing is expanding and most of the I.T companies are adapting Cloud technology so as to increase business flexibility and cost savings. The most current challenge the companies face is how to incorporate cloud Computing. Availability, Performance and Security are the three main problems when it come to adopting cloud computing. The risk of data loss and legal issues due to security breach is very high. Most companies today prefer Federated Cloud computing System, where some applications are located on public cloud, some applications on private cloud and some legacy applications are accessible over VPN. Performance is generally linked with application capability within the cloud system. Poor performance can be caused by limited bandwidth, disk space, memory, CPU cycle and Network connection, Latency. Due to such reasons in the system it can effectively end a system delivery and users will not accept slow performance. From security point of view, there are lot of loop holes which can degrade the performance of Cloud Computing at the end user.among them is the DDOS attack which hampers the performance of cloud by flooding it with unlimited no of bogus request, thus degrading the cloud performance. This will ultimately lead to slowness in providing resources by cloud vendor companies to their clients. One such DDOS attack which is gaining popularity can hamper cloud performance is Botnet attack. A Cloud based model is developed which will simulate the Cloud Scenario and see the effect of Botnet on the cloud performance. Latency can occur in cloud area, in networks connecting cloud to the end user and at the user end which can be measured by applying the formula. CL is cloud latency. CL1 +NL2=TSL * Corresponding author. [email protected] 215

2 NL is network latency. TSL is total system latency 1.1. Intra Cloud Latency (CL) In cloud, latency can arise when two vm s co-located on the same server communicate with each other. This problem is limited by introducing Nahanni memcached, a port of the well-known memcached that uses inter-vm shared memory instead of a virtual network for cache reads Facebook, for example employs memcached as one of several caching layers Network Latency (NL) Network latency cause applications to spend amount of time waiting for responses from a distant data centre, then the bandwidth may not be fully utilized and performance will suffer. Network latency is comprised of Propagation delay, Node delay and Congestion delay. Good network design can minimize node delay and congestion delay but not propagation delay. 2. Related Work Adam Wolfe and Paul Lu in [3] proposed a memcached named Nahanni Memcached which can reduce the communication overhead between Virtual machines(vm) located in same server and used it with VDE networking to improve the total read latency for a workload by up to 45%(i.e. read latest workload) compared to standard memcached. Ajith Singh and Hemalatha in [1] conducted a survey on how latency occurs in different geographical location. Also revealed an analysis work of how different browsers provide different latency.a test conducted to show effect of bandwidth reveals that when one tries to access cloud based Google docs in cybercafé or GPRS connection it took 20 sec while when tried to open at the campus of university which provides 5.4 mbps it opens in 2 sec. The problem of latency in the cloud network will be solved with the faster adaption of 3g and 4g in the coming years. Mohammad Haideri in [2] tried to highlight the modelling and simulation for different kinds of computer network attacks and their impact on computer and networks. He explained applications for modelling and simulation of computer network security. It presents a comprehensive suggestion to solve the problem in modelling and simulating in the field of Information Security. He simulated the cloud network and implemented the botnet attack on one of the cloud applications i.e. FTP to analyze the effect of the attack on FTP server. Ankush Veer Reddy in [4] proposed a security model for cloud based applications by implementing a firewall using two applications i.e.web based application and database application to simulate and test the efficiency of the model. There are many advantages with the virtual machine implementation, where all the required server operations are no more physical in nature and a group of virtual servers is used in this context (Binning, 2011). The services provided by the service provider are not affected even there are some physical changes to the virtual machine and thus the customers can enjoy the uninterrupted services. However there are some limitations to the virtual machine concept as well and the key among them are the attacks on the virtual server. In general these virtual servers will form a separate group which is apart from the logical groups. In general the cloud environment is dynamic in nature and the data operations between the remote data servers and the client are prone to frequent updates (Andry, 2010). Pardeep Sharma, Sandeep Sood and Sumeet Kaur in [8] had proposed the benefits of cloud computing along with its flip side. This Paper also introduces various issues in Cloud Computing and suggested the possible measures to overcome them and the proposed algorithm is used to calculate and compare the net revenue by using the cloud and data center. Sonia and Satinderpal Singh in [9] reviewed academic research published in the field of energy efficient cloud environment and aimed to provide an overview of analyzing the energy consumption in different types of networks with downloading/uploading speed and computing the performance of networks. Raihana Abdullah,Mohd Faizal Abdullah,Zul Azri Muhamad,Mohd Zakri Mas Ud,Siti Rahayu Selamat and Robiah Yusof in [6] had addressed the current trend of Botnet detection techniques and identifies the significant criteria in each technique. Several existing techniques are analyzed from various researchers and the capability criteria of botnet detection techniques have been reviewed. The comparative analysis of these techniques have been shown on the selected detection criteria. Ashraf Zia and Muhammad Naeem Ahmad Khan in [7] had discussed performance issues in cloud computing.a number of schemes pertaining to QoS issues are critically analyzed to point out their strengths and weaknesses. Some of the performances parameters at the three basic layers of the cloud.iaas, PaaS and SaaS are also discussed in this paper. This paper also observed the key challenging areas that how resources are allocated to clients and what are the roles of cloud providers. Also investigated how the performance can be increased by improving various components in a scalable way with low cost, bitter performances and QoS.Some technical and functional issues in cloud that affect the performance of a cloud are also pointed out. Nagaraju Kilari and Dr R.Sridaran in [5] had proposed various security threats in a classified model and illustrated how cloud and virtualization vulnerabilities affect the different cloud models. The classification of various security threats presented in this paper would definitely benefit the cloud users to make out proper choice and cloud service providers to handle such threats efficiently. As more cloud based applications keep evolving the associated security threats are also growing. Many researchers work on cloud security exist in partial forms of 216

3 either specifically on cloud issues or Virtualization-related security issues Ala Atallah A.AL-Mughrabi and Hussain H.Owaied in [10] had proposed model for database replication model in private cloud availability regions, which is an enhancement of the SQLServer Always On layers of Protection model presented by Microsoft in 2012.The enhancement concentrates in the database replication for private cloud availability region through the use of primary and secondary servers.the process of proposed model during the client send Write/Read Request to the server in Synchronous and Semi Synchronous replication level has been described in detail also. In the Second scenario as shown in Fig 2, we have implemented a firewall in the cloud based scenario with one router acting as a firewall. And a constant packet latency of 0.05 seconds are imposed for packet filtering. 3. Proposed Architecture In our Proposed Architecture, we will first create a cloud based scenario using OPNET I.T GURU Simulator and check the performance using performance metrics like Server load, Traffic received, Utilization and Throughput. Similarly we will duplicate the scenario and implement a firewall in the proposed cloud based scenario with one router acting as a firewall to keep the firewall policies on and evaluate the performance using above mentioned metrics. Lastly the DDoS attack (i.e Botnet attack) is applied on one of the server s of the cloud and performance is evaluated using performance metrics. All the three scenarios are then compared to evaluate the performance of cloud. In this section we have firstly created a normal cloud based scenario as shown in Fig 1, where we have taken two applications namely database application and web based application. A workstation of 10Base_T LAN object is used to act as the home office supporting 150 work stations. Two PPP server objects are used to act as database server and webserver.ip32_cloud object is used to act as the internet cloud. The application configuration object is used to define the application and profile configuration object is used to define the application profile. Fig 2.Firewall based cloud model In the third scenario as shown in Fig 3, we have implemented a botnet attack on the Firewall based cloud scenario by increasing no of workstations from 150 to 250 with 150 users accessing database at the workstation. Fig 3.Botnet attack on Cloud model Table 1 Application Description Application Attribute Load Database Database High Load Web Browsing Http Heavy Browsing Table 2 Simulated Parameters Application Parameter Unit Fig 1.Normal Cloud Scenario Database Traffic sent Traffic received Server DB Query load Throughput Utilization Bytes/sec Bytes /sec Requests/sec Packets/sec 217

4 4. Methodology The OPNET I.T Guru is used to build the network topology of the cloud as described in fig 1.The cloud scenario used across the simulation is done to evaluate the performance of database cloud application by doing the comparative analysis under three different scenarios using Performance metrics. For this a cloud network topology is created, Statistics are chosen to measure the performance, Simulation is made to run and finally results are analyzed based on simulation results. Fig 4 shows the methodology of the simulation. Fig 6. Db Query Traffic Received (packets/sec) In Fig 7, Point-to-point throughput from firewall to IP cloud during firewall security was 60 packets per second whereas during Botnet it was increased to 80 packets persecond. Fig 4. Methodology Used 5. Simulation. Evaluation and Result Analysis On the basis of different scenarios we come up with the results and innovations using the basic parameters that are performance and availability. The first scenario which we have created is normal Scenario, second with firewall Scenario and third one is Botnet scenario. It has been investigated that the Server DB Query load during firewall implementation was 5 requests per second where as it drastically increased to 9 requests per second after botnet attack as shown in Fig 5. Database Query traffic received in firewall scenario was 9.5 packets per second where as it increased rapidly in botnet attack to 14 packets per second as shown in. Same results are analyzed for Db query with bytes per second during traffic received and it was analyzed that effect of botnet over firewall was 24 bytes per second more Fig 6. Fig 7.Point-to-point Throughput (Packets/sec) (From Firewall to IP cloud) In Fig 8, Point-to-point throughput from IPcloud to firewall during firewall security was 100 packets per second whereas during Botnet it was increased to 125 packets per second Fig 8.Point-to-point Throughput (Packets/sec) (From IP cloud to Firewall) Fig 5. Server db Query load Point-to-point Utilization across IP cloud in Botnet attack is more as compared to firewall scenario as shown in 218

5 Fig 9. prime duty to thank all those who have helped to make it successful. It is my immense pleasure to express my Gratitude to Shivani Khurana (Assistant Professor of Computer Science Department) as a guide who provided constructive and positive feedback during the preparation of the paper. References Fig 9.Point-to-Point Utilization 6. Conclusion and Future Work From the simulation work done, we revealed as how Botnet effects the cloud based data application by deteriorating performance of the server database query by increasing load, traffic, utilizing more bandwidth (point-topoint utilization) and sending large packets (point-to-point throughput).to encounter such problems we need to develop Intrusion detection system (IDS) at cloud end so as to limit the effect of botnet on the cloud network Acknowledgment The making of the paper needed co-operation and guidance of a number of people. I therefore consider it my [1] Ajith Singh and Hemalatha, Comparative analysis of Low latency on different bandwidth and geographical locations while using cloud based applications, Head department of Software systems, Kalpagam university Coimbatore: IJAET ISSN: , Jan [2] Mohammad Heidari, The Role of Modeling and Simulation in Information Security the Lost Ring, Springer, 1989, vol. 61. [3] Adam Wolfe Gardon and Paul lu, Low Latency Caching for Cloud based Web applications, Department of Computer Science, University of Alberta, Edmonton, Alberta, Canada: [email protected]., Sept. 16, [4] Ankush Veer Reddy, Usage of Opnet I.T tool to Simulate and test the security of cloud (Project id-395) [5] Nagaraju Kilari and Dr. R.Sridaran, A Survey on Security Threats for Cloud computing International journal of engineering research and technology (IJERT) Volume.1 Issue7, September [6] Raihana,Faizal, ZulAzri, Zaki, SitiRahayu and Robiah, Revealing the Criterion on Botnet Detection Technique International journals of Computer science issues, vol 10,Issue 2, No 3,March [7] Ashraf Zia and Muhammad Naeem Ahmad Khan. Identifying key Challenges in Performance Issues in Cloud Computing.IJMECS, 2012, 10, September [8] Pardeep Sharma, Sandeep Sood and Sumeet Kaur, Cloud Computing issues and what to compute on Cloud International Journal of Advances in Computer networks and in Security,Vol 1,NI.1,PP ,2011 [9] Sonia and Satinder pal Singh. Analysis of Energy Consumption in Different types of networks For Cloud Environment IJARCSSE Vol 2, Issue 2, Feb 2012 ISSN: X [10] Ala Atallah A.AL-Mughrabi and Hussain H Owaied, Framework Model for database Replication within the Availability Zones in International journal of computer issues(ijcsi),vol 10,ISSUE 2,No 1,March