
Abstract

One of the best practices for Distributed Denial of Service (DDoS) resiliency in the cloud is the auto-scaling mechanism, where machines can be added and removed online according to fluctuating load. It is commonly believed that the auto-scaling mechanism translates DDoS attacks into Economic Denial of Sustainability (EDoS) attacks: rather than suffering from performance degradation up to a total denial of service, the victim suffers only from economic damage incurred by paying for the extra resources required to process the bogus traffic of the attack. In this paper we analyze the ‘Yo-Yo attack’, an efficient attack on the auto-scaling mechanism. In the Yo-Yo attack, the attacker sends periodic bursts of overload, thus causing the auto-scaling mechanism to oscillate between scale-up and scale-down phases. The Yo-Yo attack causes significant performance degradation in addition to economic damage, while the attack is harder to detect and requires fewer resources from the attacker compared to traditional DDoS.

Keywords: DDoS; Yo-Yo attack; Cloud; Auto-scaling mechanism

1. Introduction

In the last few years, more and more public and private networks rely on cloud and virtualization to provide the service while meeting their SLA commitments. One attractive property of the cloud is its support for rapid elasticity – the ability to scale the number of machines up and down according to the load on the machine, which can be configured to occur automatically, according to customer-set thresholds. This auto-scaling mechanism provides an ability to cope with many of the basic Distributed Denial of Service (DDoS) attacks, but opens the door to a new type of attack, the Economic Denial of Sustainability attacks. In DDoS, an attacker overwhelms the victim with bogus traffic, blocking the service from legitimate users.
With a cloud-based operation, the auto-scaling mechanism ensures that a victim can cope with an attack by providing the victim with more resources to handle the attack. This solution, however, comes with an economic penalty termed EDoS, since the victim needs to pay for the extra, non-beneficial resources that process the bogus traffic. In many DoS attacks, the danger of the attack impact is mitigated by the expected cost to the attacker: the more effort required on the side of the attacker, who has to invest in generating large amounts of traffic, the less likely it is to occur.

In this work we present the ‘Yo-Yo attack’, an efficient attack on the auto-scaling mechanism, which results in an Economic Denial of Sustainability attack (EDoS) that is difficult to detect. The attack cycles between two phases repeatedly. In the on-attack phase, the attacker sends a short burst of traffic that causes the auto-scaling mechanism to perform a scale up. In the off-attack phase, the attacker stops sending the excess traffic. This second phase takes place when the attacker identifies that the scale up has occurred. Once the attacker determines that the scale down occurred, the process is repeated. Clearly, the strength of the attack is partially determined by the ability of the attacker to determine when to switch between the two phases. We demonstrate the Yo-Yo attack on the Amazon cloud service, and show how the attacker can detect the state of the auto-scaling mechanism.

2. DDoS

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. Such attacks target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information. In a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources.
This effectively makes it impossible to stop the attack simply by blocking a single source.

International Conference on Computational Intelligence and Data Science (ICCIDS2018)
DDOS and Yo-Yo Attack and cloud auto scaling mechanism
Abhishek Kumar, Adriealle Dsouza, Anant Mehra
B.Tech (CSE)
The Northcap University, Sector 23-A, Gurgaon
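
Added example (not part of the original paper): a defender-side check for the scale-up/scale-down oscillation described in section 1, run over constructed scaling-activity histories. The event format, the function names and the thresholds min_cycles and max_cv are assumptions chosen for illustration.

```python
from datetime import datetime
from statistics import mean, pstdev

# Constructed scaling-activity histories (ISO timestamp, action); not real cloud logs.
YOYO_EVENTS = [
    ("2018-04-01T10:00:00", "scale_up"), ("2018-04-01T10:02:00", "scale_up"),
    ("2018-04-01T10:20:00", "scale_down"), ("2018-04-01T10:30:00", "scale_up"),
    ("2018-04-01T10:50:00", "scale_down"), ("2018-04-01T11:01:00", "scale_up"),
    ("2018-04-01T11:20:00", "scale_down"), ("2018-04-01T11:30:00", "scale_up"),
    ("2018-04-01T11:51:00", "scale_down"),
]
ORGANIC_EVENTS = [
    ("2018-04-01T08:00:00", "scale_up"), ("2018-04-01T11:00:00", "scale_down"),
    ("2018-04-01T14:00:00", "scale_up"), ("2018-04-01T22:00:00", "scale_down"),
    ("2018-04-02T08:30:00", "scale_up"), ("2018-04-02T21:00:00", "scale_down"),
]

def find_cycles(events):
    """Return the start time of every scale-up phase that was followed by a scale-down."""
    starts, phase, phase_start = [], None, None
    for ts, action in sorted((datetime.fromisoformat(t), a) for t, a in events):
        if action == phase:
            continue  # several steps in the same direction count as one phase
        if phase == "scale_up" and action == "scale_down":
            starts.append(phase_start)  # one full up -> down cycle completed
        phase, phase_start = action, ts
    return starts

def detect_yoyo(events, min_cycles=3, max_cv=0.25):
    """Flag a history with many cycles whose period is nearly constant.

    min_cycles and max_cv (coefficient of variation of the cycle period)
    are assumed thresholds; tune them against your own baseline.
    """
    starts = find_cycles(events)
    gaps = [(b - a).total_seconds() for a, b in zip(starts, starts[1:])]
    if len(starts) < min_cycles or len(gaps) < 2:
        return {"suspicious": False, "cycles": len(starts), "period_s": None, "cv": None}
    cv = pstdev(gaps) / mean(gaps)  # low value = regular, machine-like rhythm
    return {"suspicious": cv <= max_cv, "cycles": len(starts),
            "period_s": round(mean(gaps)), "cv": round(cv, 3)}

if __name__ == "__main__":
    for name, ev in (("yoyo", YOYO_EVENTS), ("organic", ORGANIC_EVENTS)):
        print(name, detect_yoyo(ev))
```

A regular period alone is not proof of an attack (scheduled batch jobs also produce one), so a flag from this check is a prompt to correlate with request sources and billing data.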