1. Home
  2. Volume 03 Issue 12 December 2024
  3. December 2024

December 2024

Machine Learning-Based Approaches for Detecting and Mitigating Distributed Denial of Service (DDoS) Attacks to Improved Cloud Security

1Navya Vattikonda, 2Anuj Kumar Gupta, 3Achuthananda Reddy Polu, 4Bhumeka Narra, 5Dheeraj Varun Kumar Reddy Buddula, 6Hari Hara Sudheer Patchipulusu
1Business Intelligence Engineer, International Medical Group Inc
2Oracle ERP Senior Business Analyst ,Genesis Alkali
3Senior SDE, Cloudhub IT Solutions
4Sr Software Developer, Statefarm
5Software Engineer, Elevance Health Inc
6Senior Software Engineer, Walmart
DOI : https://doi.org/10.58806/ijirme.2024.v3i12n16

Abstract

Cloud environments encounter massive service disruptions together with security breaches and substantial financial losses through Distributed Denial of Service (DDoS) attacks. Detecting and mitigating DDoS assaults is the focus of this research, which examines the efficacy of ML models, particularly the CNN-LSTM model and the ID3 decision tree method. The CIC DDoS2019dataset was used for both training and evaluation, employing a train-test data split of 80:20. The hybrid CNN-LSTM model achieved superior performance than the ID3 decision tree method when subjected to comparison because it integrates CNN spatial extraction with LSTM sequence learning. A CNN-LSTM model using 0.97 recall together with 0.98 precision and 0.98F1 score achieved 98.5% accuracy in detecting DDoS attacks. Analyses indicate that the ID3 model delivered below-average results yet remained a usable solution for detection of DDoS attacks in cloud environments. These findings provide light on the utilization of decision tree algorithms such as ID3 in cloud security applications and highlight the potential of the CNN-LSTM hybrid model as a strong solution for DDoS attack detection.

Keywords:

DDoS attacks, Cloud security, Threat detection, Machine learning, CIC-DDoS2019 dataset, Cloud Environment.

References:


1) N. Z. Bawany, J. A. Shamsi, and K. Salah, “DDoS attack detection and mitigation using SDN: methods, practices, and solutions,” Arab. J. Sci. Eng., vol. 42, pp. 425–441, 2017.

2. N. Agrawal and S. Tapaswi, “Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the art and research challenges,” IEEE Commun. Surv. \& Tutorials, vol. 21, no. 4, pp. 3769–3795, 2019.

3. A. Kushwaha, P. Pathak, and S. Gupta, “Review of optimize load balancing algorithms in cloud,” Int. J. Distrib. Cloud Comput., vol. 4, no. 2, pp. 1–9, 2016.

4. M. Darwish, A. Ouda, and L. F. Capretz, “Cloud-based DDoS attacks and defenses,” in International Conference on Information Society, i-Society 2013, 2013.

5. M. Zekri, S. El Kafhali, N. Aboutabit, and Y. Saadi, “DDoS attack detection using machine learning techniques in cloud computing environments,” in 2017 3rd international conference of cloud computing technologies and applications (CloudTech), 2017, pp. 1–7.

6. M. Idhammad, K. Afdel, and M. Belouch, “Semi-supervised machine learning approach for DDoS detection,” Appl. Intell., vol. 48, no. 10, pp. 3193–3208, 2018, doi: 10.1007/s10489-018-1141-2.

7. P. Khuphiran, P. Leelaprute, P. Uthayopas, K. Ichikawa, and W. Watanakeesuntorn, “Performance Comparison of Machine Learning Models for DDoS Attacks Detection,” in 2018 22nd International Computer Science and Engineering Conference (ICSEC), 2018, pp. 1–4. doi: 10.1109/ICSEC.2018.8712757.

8. Y. Li and Y. Lu, “LSTM-BA: DDoS Detection Approach Combining LSTM and Bayes,” in 2019 Seventh International Conference on Advanced Cloud and Big Data (CBD), 2019, pp. 180–185. doi: 10.1109/CBD.2019.00041.

9. R. Umar, M. Olalere, I. Idris, R. A. Egigogo, and G. Bolarin, “Performance Evaluation of Machine Learning Algorithms for Hypertext Transfer Protocol Distributed Denial of Service Intrusion Detection,” in 2019 15th International Conference on Electronics, Computer and Computation (ICECCO), 2019, pp. 1–7. doi: 10.1109/ICECCO48375.2019.9043262.

10. C. L. Calvert and T. M. Khoshgoftaar, “Impact of class distribution on the detection of slow HTTP DoS attacks using Big Data,” J. Big Data, vol. 6, no. 1, p. 67, 2019, doi: 10.1186/s40537-019-0230-3.

11. H. Thanh and T. Lang, “Use the ensemble methods when detecting DoS attacks in Network Intrusion Detection Systems,” EAI Endorsed Trans. Context. Syst. Appl., 2019, doi: 10.4108/eai.29-11-2019.163484.

12. M. Ahmed and A.-S. K. Pathan, “Investigating Deep Learning for Collective Anomaly Detection - An Experimental Study,” in Security in Computing and Communications, S. M. Thampi, S. Madria, G. Wang, D. B. Rawat, and J. M. Alcaraz Calero, Eds., Singapore: Springer Singapore, 2019, pp. 211–219.

13. T. Ahmad and M. N. Aziz, “Data preprocessing and feature selection for machine learning intrusion detection systems,” ICIC Express Lett, vol. 13, no. 2, pp. 93–101, 2019.

14. O. E. Elejla, B. Belaton, M. Anbar, and A. Alnajjar, “Intrusion detection systems of ICMPv6-based DDoS attacks,” Neural Comput. Appl., vol. 30, pp. 45–56, 2018.

15. E. Shao, “Encoding IP address as a feature for network intrusion detection,” Purdue University, 2019.

16. A. A. Abdulrahman and M. K. Ibrahem, “Evaluation of DDoS attacks detection in a CICIDS2017 dataset based on classification algorithms,” Iraqi J. Inf. Commun. Technol., vol. 1, no. 3, 2018.

17. V. S. Mohan, R. Vinayakumar, K. P. Soman, and P. Poornachandran, “Spoof net: syntactic patterns for identification of ominous online factors,” in 2018 IEEE Security and Privacy Workshops (SPW), 2018, pp. 258–263.

18. A. Sanmorino, “A study for DDOS attack classification method,” in Journal of Physics: Conference Series, 2019, p. 12025.

19. I. Sharafaldin, A. H. Lashkari, S. Hakak, and A. A. Ghorbani, “Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy,” in 2019 international carnahan conference on security technology (ICCST), 2019, pp. 1–8.

20. Routhu, K., Bodepudi, V., Jha, K. M., & Chinta, P. C. R. (2020). A Deep Learning Architectures for Enhancing Cyber Security Protocols in Big Data Integrated ERP Systems. Available at SSRN 5102662.

21. Chinta, P. C. R., & Katnapally, N. (2021). Neural Network-Based Risk Assessment for Cybersecurity in Big Data-Oriented ERP Infrastructures. Neural Network-Based Risk Assessment for Cybersecurity in Big Data-Oriented ERP Infrastructures.

22. Katnapally, N., Chinta, P. C. R., Routhu, K. K., Velaga, V., Bodepudi, V., & Karaka, L. M. (2021). Leveraging Big Data Analytics and Machine Learning Techniques for Sentiment Analysis of Amazon Product Reviews in Business Insights. American Journal of Computing and Engineering, 4(2), 35-51.

23. Karaka, L. M. (2021). Optimising Product Enhancements Strategic Approaches to Managing Complexity. Available at SSRN 5147875.

24. Chinta, P. C. R., & Karaka, L. M. AGENTIC AI AND REINFORCEMENT LEARNING: TOWARDS MORE AUTONOMOUS AND ADAPTIVE AI SYSTEMS.

25. Boppana, S. B., Moore, C. S., Bodepudi, V., Jha, K. M., Maka, S. R., & Sadaram, G. AI And ML Applications In Big Data Analytics: Transforming ERP Security Models For Modern Enterprises.

26. Chinta, P. C. R., Katnapally, N., Ja, K., Bodepudi, V., Babu, S., & Boppana, M. S. (2022). Exploring the role of neural networks in big data-driven ERP systems for proactive cybersecurity management. Kurdish Studies.

27. Chinta, P. C. R. (2022). Enhancing Supply Chain Efficiency and Performance Through ERP Optimisation Strategies. Journal of Artificial Intelligence & Cloud Computing, 1(4), 10-47363.

28. Sadaram, G., Sakuru, M., Karaka, L. M., Reddy, M. S., Bodepudi, V., Boppana, S. B., & Maka, S. R. (2022). Internet of Things (IoT) Cybersecurity Enhancement through Artificial Intelligence: A Study on Intrusion Detection Systems. Universal Library of Engineering Technology, (2022).

29. Moore, C. (2023). AI-powered big data and ERP systems for autonomous detection of cybersecurity vulnerabilities. Nanotechnology Perceptions, 19, 46-64.

30. Chinta, P. C. R. (2023). The Art of Business Analysis in Information Management Projects: Best Practices and Insights. DOI, 10.

31. Chinta, P. C. R. (2023). Leveraging Machine Learning Techniques for Predictive Analysis in Merger and Acquisition (M&A). Journal of Artificial Intelligence and Big Data, 3(1), 10-31586.

32. Krishna Madhav, J., Varun, B., Niharika, K., Srinivasa Rao, M., & Laxmana Murthy, K. (2023). Optimising Sales Forecasts in ERP Systems Using Machine Learning and Predictive Analytics. J Contemp Edu Theo Artific Intel: JCETAI-104.

33. Maka, S. R. (2023). Understanding the Fundamentals of Digital Transformation in Financial Services: Drivers and Strategic Insights. Available at SSRN 5116707.

34. Routhu, KishanKumar & Katnapally, Niharika & Sakuru, Manikanth. (2023). Machine Learning for Cyber Defense: A Comparative Analysis of Supervised and Unsupervised Learning Approaches. Journal for ReAttach Therapy and Developmental Diversities. 6. 10.53555/jrtdd.v6i10s(2).3481

35. Chinta, Purna Chandra Rao & Moore, Chethan Sriharsha. (2023). Cloud-Based AI and Big Data Analytics for Real-Time Business Decision-Making. 36. 96-123. 10.47363/JAICC/2023.

36. Krishna Madhav, J., Varun, B., Niharika, K., Srinivasa Rao, M., & Laxmana Murthy, K. (2023). Optimising Sales Forecasts in ERP Systems Using Machine Learning and Predictive Analytics. J Contemp Edu Theo Artific Intel: JCETAI-104.

37. Bodepudi, V. (2023). Understanding the Fundamentals of Digital Transformation in Financial Services: Drivers and Strategic Insights. Journal of Artificial Intelligence and Big Data, 3(1), 10-31586.

38. Jha, K. M., Bodepudi, V., Boppana, S. B., Katnapally, N., Maka, S. R., & Sakuru, M. Deep Learning-Enabled Big Data Analytics for Cybersecurity Threat Detection in ERP Ecosystems.