An Adaptive Threshold-Based Attribute Selection to Classify Requests Under DDoS Attack in Cloud-Based Systems

摘要

Cloud-based services are increasing day by day for various purposes due to its perpetuity and diverse dexterity. However,offensive network traffic such as distributed denial of service (DDoS) plays a significant role in threatening the cloud-basedservices. Therefore, defense for such attacks is required to save the cloud resources.Most of the attribute selection approachesfor request classification are based on static threshold statistics. These statistics are the default values used to reduce thedimensionality of data. However, these default statistics do not work well with varying network conditions and for differentintensities of DDoS attack. Therefore, an adaptive statistic is required to deal with different network and incoming trafficconditions.This paper also gives an comprehensive analysis ofTCP,UDPandICMPprotocol-basedDDoSattack and its effectson the cloud network. Based on the analysis and above issues, this paper presents an adaptive hybrid approach for attributeselection and classification of incoming traffic. The proposed approach consists of three subsystems such as (1) preprocessingsubsystem, (2) adaptive attribute selection subsystem and (3) detection and prevention subsystem. The work utilizes NSLKDDdataset which helps in the evaluation of the proposed approach. It is concluded that the combination of Mean AbsoluteDeviation technique with Random Forest classifier (MAD-RF) outperforms the other combinations. Therefore, MAD-RF isselected for further analysis.MAD-RF is also capable of dealing with TCP, UDP and ICMP protocol-based DDoS attack. Theresult shows that MAD-RF outperforms dimensionality reduction, traditional attribute selection methods and state-of-the-artapproaches.