Machine Learning-Based Approaches for Detecting and Mitigating Distributed Denial of Service (DDoS) Attacks to Improved Cloud Security
DOI: https://doi.org/10.47672/ejt.2757
Keywords: DDoS attacks, Cloud security, Threat detection, Long Short-Term Memory (LSTM), CNN, RNN, Machine learning (ML), CIC-DDoS2019 dataset, Cloud Environment.
Abstract
Purpose: The research focuses on detecting and mitigating Distributed Denial of Service (DDoS) attacks in cloud environments. It aims to evaluate the effectiveness of machine learning models, particularly the CNN-LSTM hybrid model and the ID3 decision tree, in ensuring cloud security.
Materials and Methods: For this study, the CIC-DDoS2019 dataset was used as the primary source of data. The dataset was divided into training and testing sets using an 80:20 split to ensure robust evaluation. Two models were selected for comparison: the CNN-LSTM hybrid model and the ID3 decision tree. The CNN-LSTM model was designed to combine the strengths of convolutional neural networks for spatial feature extraction with long short-term memory networks for sequence learning, while the ID3 decision tree served as a baseline algorithm to evaluate how a simpler, rule-based approach performs against advanced deep learning architectures.
Findings: The experimental results showed that the CNN-LSTM hybrid model significantly outperformed the ID3 decision tree method. Specifically, the CNN-LSTM model achieved a recall of 0.97, precision of 0.98, and an F1-score of 0.98, with an overall accuracy of 98.5% in detecting DDoS attacks. Its superior performance can be attributed to its ability to integrate spatial feature extraction and temporal sequence learning effectively. In contrast, the ID3 decision tree model delivered below-average results when compared to the CNN-LSTM, although it remained a usable solution in certain scenarios due to its simplicity and ease of implementation.
Unique Contribution to Theory, Practice and Policy: The CNN-LSTM hybrid model emerges as a highly effective solution for DDoS detection in cloud environments and should be prioritized when developing advanced security frameworks. However, decision tree algorithms such as ID3 still hold relevance, especially in resource-constrained environments where computational efficiency and model simplicity are critical considerations.
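The evaluation protocol described in the abstract (an 80:20 split, an ID3 baseline, and precision, recall, F1 and accuracy on the held-out flows), as an added example that is not the authors' code and does not use CIC-DDoS2019. The flow patterns, feature bins and function names are constructed for illustration, and the split is a fixed stride so the result is reproducible.

```python
import math
from collections import Counter

FEATURES = ("proto", "pkt_rate", "syn_ratio")   # hypothetical bins; all data is constructed
PATTERNS = [                                     # (feature bins, label, number of flows)
    (("UDP", "high", "low"), "ddos", 30),
    (("TCP", "high", "high"), "ddos", 30),
    (("TCP", "high", "low"), "ddos", 5),         # shares its bins with the bulk transfers below
    (("TCP", "high", "low"), "benign", 15),
    (("TCP", "low", "low"), "benign", 40),
    (("UDP", "low", "low"), "benign", 30),
    (("TCP", "low", "high"), "benign", 10),
]

def entropy(rows):
    counts = Counter(y for _, y in rows)
    return -sum(c / len(rows) * math.log2(c / len(rows)) for c in counts.values())

def split(rows, f):
    return {v: [r for r in rows if r[0][f] == v] for v in dict.fromkeys(x[f] for x, _ in rows)}

def id3(rows, feats):
    labels = Counter(y for _, y in rows)
    majority = labels.most_common(1)[0][0]
    if len(labels) == 1 or not feats:
        return majority                          # leaf: pure node or no features left
    # Maximum information gain is the minimum weighted entropy of the children.
    best = min(feats, key=lambda f: sum(len(g) * entropy(g) for g in split(rows, f).values()))
    rest = [f for f in feats if f != best]
    return {"feature": best, "default": majority,
            "children": {v: id3(g, rest) for v, g in split(rows, best).items()}}

def predict(tree, x):
    while isinstance(tree, dict):                # unseen bin value falls back to node majority
        tree = tree["children"].get(x[tree["feature"]], tree["default"])
    return tree

def evaluate():
    rows = [(x, y) for x, y, n in PATTERNS for _ in range(n)]
    train = [r for i, r in enumerate(rows) if i % 5 != 4]   # 80%
    test = rows[4::5]                                       # 20%: every fifth flow held out
    tree = id3(train, list(range(len(FEATURES))))
    pairs = [(y, predict(tree, x)) for x, y in test]
    tp = sum(t == p == "ddos" for t, p in pairs)
    fp = sum(t == "benign" and p == "ddos" for t, p in pairs)
    fn = sum(t == "ddos" and p == "benign" for t, p in pairs)
    return {"precision": tp / (tp + fp), "recall": tp / (tp + fn),
            "f1": 2 * tp / (2 * tp + fp + fn),
            "accuracy": sum(t == p for t, p in pairs) / len(pairs)}
```

On this constructed data `evaluate()` returns precision 1.0, recall 12/13, F1 0.96 and accuracy 31/32. The single miss is an attack flow whose bins are dominated by benign bulk transfers, so the tree runs out of features and falls back to the majority label.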
License
Copyright (c) 2024 Navya Vattikonda, Anuj Kumar Gupta, Achuthananda Reddy Polu, Bhumeka Narra, Dheeraj Varun Kumar Reddy Buddula, Hari Hara Sudheer Patchipulusu

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution (CC-BY) 4.0 License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.