Cloud Survivability Scenarios Under Attacks With and Without Countermeasures

Background: Despite its increasing importance, cloud computing is vulnerable to Distributed Denial of Service (DDoS) attacks, affecting data centre availability and functionality. Unfortunately, the impact of these attacks on cloud survivability remains underexplored. Most works overlook long-term resilience and lack comprehensive metrics, in-depth simulation, large-scale experiments, and combined attack and defence scope. Objective: This study investigates the survivability of cloud environments under DDoS attacks in extreme cases, involving intensive attacks leading to cloud failure. By simulating worst-case scenarios, including thousands of attacks on large-scale clouds with and without countermeasures, we assess cloud resilience and identify the limitations of existing defences. Methods: We conduct extensive simulations using NetLogo, modelling a cloud environment subjected to SYN flood, smurf, UDP flood, HTTP flood and malformed packet attacks. We evaluated the impact of attacks individually and in combinations, both with and without countermeasures. Each simulation involves request exchanges between end user nodes and data centres using an appropriate algorithm. We varied parameters like the number of data centres, malicious nodes, and the types and rate of attacks. Results: The study analyses cloud resilience in terms of message delivery, available data centres, and functional node ratios, as well as tolerance and breakage thresholds. Findings indicate that cloud systems can tolerate a certain level of DDoS attack density where data centres remain accessible even without countermeasures. However, the latter greatly enhances cloud security, although their performance may decrease dramatically under extreme conditions. This highlights the importance of optimizing countermeasures, especially to handle high-intensity attacks. Conclusion: This study provides valuable insights for cloud managers to enhance resilience and face sophisticated DDoS attacks. While current countermeasures offer initial mitigation, they are insufficient against complex and combined threats. Thus, future research should focus on developing robust, multi-layered defence mechanisms and providing data centre duplication to ensure service availability.