DDoS Protection for Cloud Computing PaaS

Like For IaaS, DDoS Protection for Cloud Computing PaaS is Also Increasingly Becoming Important. Attackers Are Now PaaS and Even SaaS Setups. Yesterday, we published similar kind of guide – DDoS Protection for Cloud Computing IaaS, this time a bit newer thing. You probably need to read the article first. With Cloud Computing IaaS, one can compare our traditional virtual servers, but PaaS can make most of the advanced users clueless. Problem with SaaS is less to the consumers – consumers need not to think about DDoS Protection. But PaaS falls in-between.

DDoS Protection for Cloud Computing PaaS : Which Segments Are More Vulnerable?

Actually PaaS is quite largely used in many enterprise setup as it gives the WordPress Multi-host like subdomain creation feature. It is pretty easy to use, configure and develop many web softwares. Last year (Q2, 20014); the report started for PaaS being increasingly attacked. Just like WordPress, PaaS practically has few F/OSS options. Red Hat OpenShift is a Free Software. Usually when we say Red Hat OpenShift, it means the web service. Exactly in WordPress model – WordPress dot com and WordPress dot org. Even Nginx paid version is used on OpenShift. Secondly, another big provider is Heroku. Heroku is a big platform for hosting the Facebook applications. There can be dubious Facebook applications which claims to give miraculous results – from predicting your time to death to which lady you’ll marry. They keep hundreds of javascripts with potential malware features for Ad revenue purpose. Attacks are in botnet style. Rackspace Cloud Sites is a PaaS – it is aPaaS. So, there can be lot of websites than you possibly imagined at the beginning of this article.

There many limitations of PaaS like that with naked domain. IaaS and PaaS does not actually run in the same way.

DDoS attacks can be classified into 3 main categories – Volume Based Attacks or Bandwidth Based Attacks, Protocol Attacks and Application Layer Attacks.

In case of PaaS, the attack usually concentrates on the specific web applications and flood with HTTP requests. There are typical Cloud specific DDoS attacks like SYN Floods (exploits the flaws in TCP 3 way handshake procedures), UDP Floods (Floods with UDP packets to the random ports), ICMP Floods (Flooded with ICMP echo request packets), Ping of Death (thats why we gave warning for activating Ping on Nginx), Smurf Attack (ping from a spoofed IP address), HTTP based DoS Attack (HDoS), XML based DoS Attack (XDoS) etc.

DDoS Protection for Cloud Computing PaaS as Countermeasure

Co-operative Intrusion Detection System, Cloud Trace Back Model(CTB) and Cloud Protector, Confidence Based Filtering(CBF) Approach, CLASSIE Packet Marking Approach, Filtering Tree Approach, Information Theory Based Metrics Method are commonly used methods to protect the Cloud DDoS.

Current political stuffs, exactly like Akamai stated last year, increased these attacks. Except using a professional specified service for serious web applications, there is very less to do works in the Security part. It is obvious that using a tight password, not using PHPMyAdmin on the same “gear” will make the setup secure. As physical IP address is not exactly allocated in the way we do with IaaS, the attacks can be handled at DNS level if a custom domain is used and the internal domain is not exposed outside.

So, just keep this matter in head that PaaS can also face DDoS. This is not for not using the PaaS – this is for keeping the things safer.