Performance Improvements using Soft Computing Techniques for Mitigation of DDoS Attacks in Cloud Environments

Abstract

Cloud Computing is becoming a great target for Distributed Denial of Service (DDoS) newlineassaults as it grows more widespread in modern networking. Traditional security newlinesolutions usually struggle to cope with cloud infrastructures dynamic and diverse newlinenature, making detecting and mitigating DDoS attacks in the cloud setting challenging newlineSoftware-Defined Networking (SDN) emerges as a promising method for boosting newlinecloud security by providing centralised management and programmability of network newlineresources. In the context of cloud computing, this study detailed the use of SDN for newlineDDoS attack detection. We presented a novel method that leverages SDN capabilities newlineto monitor network traffic in real-time and identify dangerous patterns that mimic newlineDDoS attacks. newlineThe primary contribution of this research is developing a robust DDoS attack newlinedetection system that effectively distinguishes between normal and malicious newlinenetwork traffic. The research proposes a novel Decision Tree Detection (DTD) model, newlinewhich combines the Greedy Feature Selection (GFS) algorithm and the Decision Tree newlineAlgorithm (DTA) to address data shift issues and achieve a detection rate (accuracy) newlineof over 90%. The DDoS attack detection process involves several steps. Initially, the newlinegureKddcup dataset is utilized and pre-processed to eliminate noisy data, ensuring newlinethe reliability of the subsequent analysis. Feature selection is then performed to newlineidentify and retain only the related features while discarding unrelated data. This newlinestreamlined dataset is subsequently divided into training and testing sets. The newlineresearch employs a SDN based DTA for the purpose of categorizing network traffic as newlineeither normal or malicious. This advanced classification technique helps effectively newlineidentify the characteristics of DDoS attacks and differentiate them from legitimate newlinetraffic. Finally, the trained DTD model is employed to predict and detect potential newlineDDoS attacks based on the SDN-based classification results.