Towards source-based detection of malicious activities in public clouds: application to denial-of-service attacks

Abstract: Cloud computing is currently a flexible and cost-effective solution widely adopted for the large-scale production of IT services. However, alongside its main legitimate usage, malicious users take advantage of these features to obtain a ready-to-use attack platform offering massive power. Among the greatest beneficiaries of this conversion of the cloud into an attack platform, botclouds are used to perpetrate Distributed Denial of Service (DDoS) attacks against any third party connected to the Internet. Although such attacks, when perpetrated by botnets, have been extensively studied in the past, their operation and implementation context are different here and thus require new solutions. To this end, the thesis work presented in this manuscript proposes a distributed approach for source-based detection of DDoS attacks perpetrated by virtual machines hosted in a public cloud. First, we present an experimental study consisting of the implementation of two botclouds in a real deployment environment hosting a legitimate workload. Analysis of the collected data allows the deduction of behavioural invariants that form the basis of a signature-based detection system. Then, we present a detection system based on the identification of the principal components of the deployed botclouds. Finally, to deal with scalability issues, we propose a distributed version of our detection system, which relies on a mesh peer-to-peer architecture resulting from the overlap of several overlay trees.

https://tel.archives-ouvertes.fr/tel-03361064
Contributor: ABES STAR
Submitted on : Friday, October 1, 2021 - 11:00:10 AM
Last modification on : Saturday, October 2, 2021 - 3:42:50 AM
Long-term archiving on: Sunday, January 2, 2022 - 6:37:44 PM

File

Badis_Hammi_2015TROY0023.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-03361064, version 1

Citation

Badis Hammi. Vers une détection à la source des activités malveillantes dans les clouds publics : application aux attaques de déni de service. Cryptographie et sécurité [cs.CR]. Université de Technologie de Troyes, 2015. Français. ⟨NNT : 2015TROY0023⟩. ⟨tel-03361064⟩
