A comber approach to protect cloud computing against XML DDoS and HTTP DDoS attack

Cloud computing is an internet based pay as use service which provides three layered services (Software as a Service, Platform as a Service and Infrastructure as a Service) to its consumers on demand. These on demand service facilities provide to its consumers in multitenant environment but as facility increases complexity and security problems also increase. Here all the resources are at one place in data centers. Cloud uses public and private APIs (Application Programming Interface) to provide services to its consumers in multitenant environment. In this environment Distributed Denial of Service attack (DDoS), especially HTTP, XML or REST based DDoS attacks may be very dangerous and may provide very harmful effects for availability of services and all consumers will get affected at the same time. One other reason is that because the cloud computing users make their request in XML then send this request using HTTP protocol and build their system interface with REST protocol such as Amazon EC2 or Microsoft Azure. So the threaten coming from distributed REST attacks are more and easy to implement by the attacker, but to security expert very difficult to resolve. So to resolve these attacks this paper introduces a comber approach for security services called filtering tree. This filtering tree has five filters to detect and resolve XML and HTTP DDoS attack.