Simulation Analysis of SYN Flood and HTTP Flood Attacks on Cloud Infrastructure Integrity

This paper presents a comparative simulation study of SYN Flood and HTTP Flood Distributed Denial-of-Service (DDoS) attacks in cloud environments using CloudSim. A modular testbed was configured with attacker VMs generating cloudlets and victim VMs handling legitimate workloads, under realistic network constraints. Experimental results revealed distinct attack signatures: SYN Flood produced high volumes of half-open connections, while HTTP Flood exhausted CPU, memory, and bandwidth due to resource-intensive request processing. SYN Flood achieved a 35% packet loss rate with 10,000 cloudlets, while HTTP Flood produced a 40% loss rate with only 3,000 requests, demonstrating that application-layer attacks, though lower in volume, cause more severe degradation. These findings highlight the importance of nuanced defense strategies tailored to each attack type, beyond volumetric thresholds alone.

CloudSim; DDoS; SYN Flood; HTTP Flood

1. N. Agrawal and S. Tapaswi, Defense mechanisms against DDOS attacks in a cloud computing environment: State-of-the-Art and Research challenges, IEEE Communications Surveys & Tutorials 21(4) (2019) 3769–3795. [Google Scholar] [Crossref]

2. M. Darwish, A. Ouda, and L. F. Capretz, Cloud-based DDoS attacks and defenses, Journal of Network and Computer Applications 176 (2021) 102914. [Google Scholar] [Crossref]

3. R. V. Deshmukh and K. K. Devadkar, Understanding DDoS Attack & its Effect in Cloud Environment, Procedia Computer Science 49 (2015) 202–210. [Google Scholar] [Crossref]

4. S. Madan, A. Anita, and A. Ali, DDoS attacks in cloud environment, International Journal of Health Sciences 6(S4) (2022) 5836–5847. [Google Scholar] [Crossref]

5. A. Sharma, R. Islam, and D. Ningombam, Analysis of DDoS attack in cloud infrastructure, in: Soft Computing Techniques and Applications, Springer, 2021, pp. 245–253. [Google Scholar] [Crossref]

6. M. Saran, R. K. Yadav, and U. N. Tripathi, Mitigation of DDoS attacks in cloud computing using a Bayesian hyperparameter optimization-based machine learning approach, International Journal for Research Trends and Innovation 7(11) (2022) 765–771. [Google Scholar] [Crossref]

7. M. Cohen Gadol, DDOS and Cloud Auto-Scaling Mechanism, M.Sc. thesis, The [Google Scholar] [Crossref]

8. Interdisciplinary Center, Herzliya, 2016. [Google Scholar] [Crossref]

9. H. Ouarnoughi, J. Boukhobza, F. Singhoff, and S. Rubini, Integrating I/Os in CloudSIM for performance and energy estimation, in: Proceedings of WOPSSS '16, 2016, pp. 40–47. [Google Scholar] [Crossref]

10. S. Karthik and J. J. Shah, Analysis of simulation of DDoS attack in cloud, in: Proceedings of ICICES 2014, IEEE, 2014, pp. 1–5. [Google Scholar] [Crossref]

11. A. A. A. Ali, et al., Efficient DDoS Attack Detection and Prevention Framework Using CloudSim, International Journal of Computer Science and Mobile Computing 7(8) (2018) 234–241. [Google Scholar] [Crossref]

12. K. O. Basulaim and H. M. Al-Amoudi, Reinforcement Learning for Detection and Prevention of DDoS Attacks in Cloud Environment, International Journal of Computer Systems Science 17(1) (2023) 45–62. [Google Scholar] [Crossref]

13. I. Sreeram and V. P. K. Vuppala, HTTP flood attack detection in application layer using machine learning metrics and bio-inspired Bat algorithm, Applied Computing and Informatics 16(1/2) (2018) 183–201. [Google Scholar] [Crossref]

14. RFC 5166: Metrics for the Evaluation of Congestion Control Mechanisms, IETF Datatracker, https://datatracker.ietf.org/doc/rfc5166 [Google Scholar] [Crossref]

• Smart Iot Device for Weather And Health
• Merlarchive: A Web-Based Academic Hub for UDM With AI-Powered Natural Language Processing
• Enhanced Social Network Security System: Integrating Biometric Authentication for Improved User Verification and Privacy Protection
• Smart Budget Allocation in Public Policy: A Data-Driven Approach for Equitable Resource Distribution
• Decision Support System for Faculty Selection, Promotion, and Reclassification Using Predictive Analytics