Majority Vote-Based Ensemble Approach for Distributed Denial of Service Attack Detection in Cloud Computing
Keywords:Cloud computing, Cybersecurity, Machine learning, Distributed denial-of-service attacks
Cloud computing is considered as technical advancement in information technology. Many organizations have been motivated by this advancement to outsource their data and computational needs. Such platforms are required to fulfil basic security principles such as confidentiality, availability, and integrity. Cloud computing offers scalable and virtualized services with a high flexibility level and decreased maintenance costs to end-users. The infrastructure and protocols that are behind cloud computing may contain bugs and vulnerabilities. These vulnerabilities are being exploited by attackers, leading to attacks. Among the most reported attacks in cloud computing are distributed denial-of-service (DDOS) attacks. DDOS attacks are conducted by sending many data packets to the targeted infrastructure. This leads to most network bandwidth and server time being consumed, thus causing a denial of the service problem. Several methods have been proposed and experimented with for early DDOS attack detection. Employing a single machine learning classification model may give an adequate level of attack detection accuracy but needs an enhancement. In this study, we propose an approach based on an ensemble of machine learning classifiers. The proposed approach uses a majority vote-based ensemble of classifiers to detect attacks more accurately. A subset of the CICDDOS2019 dataset consisting of 32,000 instances, including 8450 benign and 23,550 DDOS attack instances was used in this study for results and evaluation. The experimental results showed that 98.02% accuracy was achieved with 97.45% sensitivity and 98.65% specificity.
Hu P, Dhelim S, Ning H, Qiu T. Survey on fog computing: architecture, key technologies, applications and open issues. Journal of network and computer applications. (2017), 15;98:27–42.
Chaudhary D, Bhushan K, Gupta BB. Survey on DDoS attacks and defense mechanisms in cloud and fog computing. International Journal of E-Services and Mobile Applications, (2018) 1;10(3):61–83.
Zhou H, Ouyang X, Ren Z, Su J, de Laat C, Zhao Z. A blockchain based witness model for trustworthy cloud service level agreement enforcement. In IEEE INFOCOM 2019-IEEE Conference on Computer Communications (2019) Apr 29 (pp. 1567–1575).
Jayaraman I, Panneerselvam AS. A novel privacy preserving digital forensic readiness provable data possession technique for health care data in cloud. Journal of Ambient Intelligence and Humanized Computing. (2021), 12(5):4911–24.
Amjad A, Alyas T, Farooq U, Tariq MA. Detection and mitigation of DDoS attack in cloud computing using machine learning algorithm. EAI Endorsed Transactions on Scalable Information Systems. (2019), 6(26).
Zekri M, El Kafhali S, Aboutabit N, Saadi Y. DDoS attack detection using machine learning techniques in cloud computing environments. In IEEE 3rd international conference of cloud computing technologies and applications (CloudTech) (2017) Oc (pp. 1–7).
Vimala S, Dhas J. SDN based DDoS attack detection system by exploiting ensemble classification for cloud computing. International Journal of Intelligent Engineering and Systems. (2018) 11:282–91.
Khan N, Abdullah J, Khan AS. Defending malicious script attacks using machine learning classifiers. Wireless Communications and Mobile Computing (2017) 5360472.
Khan N, Abdullah J, Khan AS. A Dynamic Method of Detecting Malicious Scripts Using Classifiers. Advanced Science Letters. (2017), 23(6):5352–5.
Wani AR, Rana QP, Saxena U, Pandey N. Analysis and detection of DDoS attacks on cloud computing environment using machine learning techniques. In IEEE Amity International conference on artificial intelligence (2019), (pp. 870–875).
Madhupriya G, Shalinie SM, Rajeshwari AR. Detecting DDoS attack in cloud computing using local outlier factors. In IEEE 2nd International Conference on Trends in Electronics and Informatics (2018), (pp. 859–863).
Xiao F, Ma JQ, Huang XS, Wang R. DDoS attack detection based on KNN in software defined networks. Journal of Nanjing University of Posts and Telecommunications (Natural Science Edition). (2015), 35(1):84–8.
Zekri M, El Kafhali S, Aboutabit N, Saadi Y. DDoS attack detection using machine learning techniques in cloud computing environments. In IEEE 3rd international conference of cloud computing technologies and applications (CloudTech) (2017) Oct 24 (pp. 1–7).
Wu YC, Tseng HR, Yang W, Jan RH. DDoS detection and traceback with decision tree and grey relational analysis. International Journal of Ad Hoc and Ubiquitous Computing. (2011), 7(2):121–36.
Khan N, War TA. A Deep Study on Security Vulnerabilities in Virtualization at Cloud Computing. International Journal of Computer Applications. 975:8887.
Canadian Institute of Cybersecurity, University on New Brunswick https://www.unb.ca/cic/datasets/index.html accessed on 17/01/2020.
Guyon I, Elisseeff A. An introduction to variable and feature selection. Journal of machine learning research. (2003)1157–82.
Sharpe D. Chi-square test is statistically significant: Now what?. Practical Assessment, Research, and Evaluation. (2015), 20(1).
Berrar D. Bayes’ theorem and naive Bayes classifier. Encyclopedia of Bioinformatics and Computational Biology: ABC of Bioinformatics. Elsevier Science Publisher: Amsterdam. The Netherlands. (2018),1:19.
Kang Q, Shi L, Zhou M, Wang X, Wu Q, Wei Z. A distance-based weighted undersampling scheme for support vector machines and its application to imbalanced classification. IEEE transactions on neural networks and learning systems. (2017) 25;29(9), pp. 4152–65.
Khosravi K, Pham BT, Chapi K, Shirzadi A, Shahabi H, Revhaug I, Prakash I, Bui DT. A comparative assessment of decision trees algorithms for flash flood susceptibility modeling at Haraz watershed, northern Iran. Science of the Total Environment. (2018) 627 pp. 744–55.
Ordóñez C, Lasheras FS, Roca-Pardinas J, de Cos Juez FJ. A hybrid ARIMA–SVM model for the study of the remaining useful life of aircraft engines. Journal of Computational and Applied Mathematics. (2019), 346, 184–191.
Bai J, Wang J. Improving malware detection using multi-view ensemble learning. Security and Communication Networks. (2016)9(17) pp. 4227–41.
How to Cite
Copyright (c) 2022 Journal of Cyber Security and Mobility
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.