{"title":"全面评述漏洞和人工智能防御 DDoS 攻击以确保云服务安全","authors":"Surendra Kumar , Mridula Dwivedi , Mohit Kumar , Sukhpal Singh Gill","doi":"10.1016/j.cosrev.2024.100661","DOIUrl":null,"url":null,"abstract":"<div><p>The advent of cloud computing has made a global impact by providing on-demand services, elasticity, scalability, and flexibility, hence delivering cost-effective resources to end users in pay-as-you-go manner. However, securing cloud services against vulnerabilities, threats, and modern attacks remains a major concern. Application layer attacks are particularly problematic because they can cause significant damage and are often difficult to detect, as malicious traffic can be indistinguishable from normal traffic flows. Moreover, preventing Distributed Denial of Service (DDoS) attacks is challenging due to its high impact on physical computer resources and network bandwidth. This study examines new variations of DDoS attacks within the broader context of cyber threats and utilizes Artificial Intelligence (AI)-based approaches to detect and prevent such modern attacks. The conducted investigation determines that the current detection methods predominantly employ collectively, hybrid, and single Machine Learning (ML)/Deep Learning (DL) techniques. Further, the analysis of diverse DDoS attacks and their related defensive strategies is vital in safeguarding cloud infrastructure against the detrimental consequences of DDoS attacks. This article offers a comprehensive classification of the various types of cloud DDoS attacks, along with an in-depth analysis of the characterization, detection, prevention, and mitigation strategies employed. The article presents, an in-depth analysis of crucial performance measures used to assess different defence systems and their effectiveness in a cloud computing environment. This article aims to encourage cloud security researchers to devise efficient defence strategies against diverse DDoS attacks. The survey identifies and elucidates the research gaps and obstacles, while also providing an overview of potential future research areas.</p></div>","PeriodicalId":48633,"journal":{"name":"Computer Science Review","volume":"53 ","pages":"Article 100661"},"PeriodicalIF":13.3000,"publicationDate":"2024-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A comprehensive review of vulnerabilities and AI-enabled defense against DDoS attacks for securing cloud services\",\"authors\":\"Surendra Kumar , Mridula Dwivedi , Mohit Kumar , Sukhpal Singh Gill\",\"doi\":\"10.1016/j.cosrev.2024.100661\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>The advent of cloud computing has made a global impact by providing on-demand services, elasticity, scalability, and flexibility, hence delivering cost-effective resources to end users in pay-as-you-go manner. However, securing cloud services against vulnerabilities, threats, and modern attacks remains a major concern. Application layer attacks are particularly problematic because they can cause significant damage and are often difficult to detect, as malicious traffic can be indistinguishable from normal traffic flows. Moreover, preventing Distributed Denial of Service (DDoS) attacks is challenging due to its high impact on physical computer resources and network bandwidth. This study examines new variations of DDoS attacks within the broader context of cyber threats and utilizes Artificial Intelligence (AI)-based approaches to detect and prevent such modern attacks. The conducted investigation determines that the current detection methods predominantly employ collectively, hybrid, and single Machine Learning (ML)/Deep Learning (DL) techniques. Further, the analysis of diverse DDoS attacks and their related defensive strategies is vital in safeguarding cloud infrastructure against the detrimental consequences of DDoS attacks. This article offers a comprehensive classification of the various types of cloud DDoS attacks, along with an in-depth analysis of the characterization, detection, prevention, and mitigation strategies employed. The article presents, an in-depth analysis of crucial performance measures used to assess different defence systems and their effectiveness in a cloud computing environment. This article aims to encourage cloud security researchers to devise efficient defence strategies against diverse DDoS attacks. The survey identifies and elucidates the research gaps and obstacles, while also providing an overview of potential future research areas.</p></div>\",\"PeriodicalId\":48633,\"journal\":{\"name\":\"Computer Science Review\",\"volume\":\"53 \",\"pages\":\"Article 100661\"},\"PeriodicalIF\":13.3000,\"publicationDate\":\"2024-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Science Review\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1574013724000455\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science Review","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1574013724000455","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
A comprehensive review of vulnerabilities and AI-enabled defense against DDoS attacks for securing cloud services
The advent of cloud computing has made a global impact by providing on-demand services, elasticity, scalability, and flexibility, hence delivering cost-effective resources to end users in pay-as-you-go manner. However, securing cloud services against vulnerabilities, threats, and modern attacks remains a major concern. Application layer attacks are particularly problematic because they can cause significant damage and are often difficult to detect, as malicious traffic can be indistinguishable from normal traffic flows. Moreover, preventing Distributed Denial of Service (DDoS) attacks is challenging due to its high impact on physical computer resources and network bandwidth. This study examines new variations of DDoS attacks within the broader context of cyber threats and utilizes Artificial Intelligence (AI)-based approaches to detect and prevent such modern attacks. The conducted investigation determines that the current detection methods predominantly employ collectively, hybrid, and single Machine Learning (ML)/Deep Learning (DL) techniques. Further, the analysis of diverse DDoS attacks and their related defensive strategies is vital in safeguarding cloud infrastructure against the detrimental consequences of DDoS attacks. This article offers a comprehensive classification of the various types of cloud DDoS attacks, along with an in-depth analysis of the characterization, detection, prevention, and mitigation strategies employed. The article presents, an in-depth analysis of crucial performance measures used to assess different defence systems and their effectiveness in a cloud computing environment. This article aims to encourage cloud security researchers to devise efficient defence strategies against diverse DDoS attacks. The survey identifies and elucidates the research gaps and obstacles, while also providing an overview of potential future research areas.
期刊介绍:
Computer Science Review, a publication dedicated to research surveys and expository overviews of open problems in computer science, targets a broad audience within the field seeking comprehensive insights into the latest developments. The journal welcomes articles from various fields as long as their content impacts the advancement of computer science. In particular, articles that review the application of well-known Computer Science methods to other areas are in scope only if these articles advance the fundamental understanding of those methods.