LCDT-M: Log-Cluster DDoS Tree Mitigation Framework Using SDN in the Cloud Environment

Full Text (PDF, 448KB), PP.62-72

Author(s)

Jeba Praba. J. 1,2,*, R. Sridaran 3

1. Department of Computer Applications, Christ College, Rajkot, India

2. Marwadi University, Rajkot, Gujarat, India

3. Faculty of Computer Applications, Marwadi University, Rajkot, Gujarat, India

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2023.02.05

Received: 13 Oct. 2022 / Revised: 14 Dec. 2022 / Accepted: 20 Jan. 2023 / Published: 8 Apr. 2023

Index Terms

DDoS Attack, Software Defined Networks, Cloud Security, Threat Detection, Log-Cluster DDoS Tree Mitigation

Abstract

On cloud computing platforms, DDoS (Distributed Denial-of-Service) attacks are among the most commonly occurring attacks. Research on DDoS mitigation has rarely considered the data shift problem in real-time implementation. Existing studies have also attempted DDoS attack detection, but they have been deficient in detection rate. Hence, this study proposes a novel DDoS mitigation scheme using the LCDT-M (Log-Cluster DDoS Tree Mitigation) framework for the hybrid cloud environment. LCDT-M detects and mitigates DDoS attacks in the Software-Defined Network (SDN) based cloud environment. LCDT-M comprises three algorithms: GFS (Greedy Feature Selection), TLMC (Two Log Mean Clustering), and DM (Detection-Mitigation) based on DT (Decision Tree), which together optimize the detection of DDoS attacks along with mitigation in SDN. The study simulated the defined cloud environment and considered the data shift problem during the real-time implementation. As a result, the proposed architecture achieved an accuracy of about 99.83%, confirming its superior performance.

Cite This Paper

Jeba Praba. J., R. Sridaran, "LCDT-M: Log-Cluster DDoS Tree Mitigation Framework Using SDN in the Cloud Environment", International Journal of Computer Network and Information Security (IJCNIS), Vol.15, No.2, pp.62-72, 2023. DOI:10.5815/ijcnis.2023.02.05
