Skip to main content
SpringerLink
Log in

Design and analysis of behaviour based DDoS detection algorithm for data centres in cloud

  • Special Issue
  • Published:
Evolutionary Intelligence Aims and scope Submit manuscript

Abstract

In the recent years, security is the major concern in cloud computing. One of the major security threats to the cloud is distributed denial of service (DDoS). This DDoS attacks results in data corruption, losing of sensitive information and leads to denial of cloud service. To overcome the drawbacks of security, we proposed the behaviour-based DDoS detection algorithm that is based on the behaviour of the user which generates the traffic. The proposed work is divided into two phases which can be executed in parallel. In general, the hackers or illegitimate user floods the traffic and uses more bandwidth. In first phase, the analysis of the dynamic traffic and effectively differentiating the genuine traffic and attacker’s traffic is done in the proposed algorithm. The packet analyzer is responsible to identify the genuine packets from the flooding traffic. In second phase, the CPU utilization is monitored and the process consuming more CPU power or the source is illegitimate, the process is rejected. The simulation is carried by using the OPNET simulator. The simulation results are tested with three different scenarios. It is proved that the proposed model has efficient response time and it has better efficiency in DDoS prone zones.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

References

  1. Zhou Z, Xie D, Xiong W (2009) A novel distributed detection scheme against DDoS attack. J Netw 4(9):921–928

    Google Scholar 

  2. Prabha S, Anitha R (2010) Mitigation of application traffic DDoS attacks with trust and AM based HMM models. Int J Comput Appl 6(9):26–34

    Google Scholar 

  3. Wang K, Huang C-Y, Lin S-J, Lin Y-D (2011) A fuzzy pattern-based filtering algorithm for botnet detection. Comput Netw 55:3275–3286

    Article  Google Scholar 

  4. Liu T, Wang Z, Wang H, Lu K (2012) An entropy-based method for attack detection in large scale network. Int J Comput Commun 7(3):509–517

    Article  Google Scholar 

  5. Xuan Y, Shin I, Thai MT, Znati T (2010) Detecting application denial-of-service attacks: a group-testing-based approach. IEEE Trans Parallel Distrib Syst 21(8):1203–1216

    Article  Google Scholar 

  6. Chawla S, Sachdeva M, Behal S (2016) Discrimination of DDoS attacks and flash events using Pearson’s product moment correlation method. Int J Comput Sci Inf Secur 14(10):382

    Google Scholar 

  7. Acarali D, Rajarajan M, Komninos N, Herwono I (2016) Survey of approaches and features for the identification of HTTP-based botnet traffic. J Netw Comput Appl 76:1–15

    Article  Google Scholar 

  8. Sachdeva M, Kumar K (2014) A traffic cluster entropy based approach to distinguish DDoS attacks from flash event using DETER testbed. ISRN Commun Netw 2014:1–16

    Article  Google Scholar 

  9. Navaz AS, Sangeetha V, Prabhadevi C (2013) Entropy based anomaly detection system to prevent DDoS attacks in cloud. arXiv preprint arXiv:1308.6745

  10. Osanaiye O, Cai H, Choo K-KR, Dehghantanha A, Xu Z, Dlodlo M (2016) Ensemble-based multi-filter feature selection method for DDoS detection in cloud computing. EURASIP J Wirel Commun Netw 2016(1):130

    Article  Google Scholar 

  11. Palvinder SM, Kumar D (2011) Improving network performance and mitigate DDoS attacks using analytical approach under collaborative software as aservice (SaaS) cloud computing environment. IJCST 2(1):119–122

    Google Scholar 

  12. Manimaran A, Durairaj M (2016) The conjectural framework for detecting DDoS attack using enhanced entropy based threshold technique (EEB-TT) in cloud environment. Int J Adv Comput Res 6(27):230

    Article  Google Scholar 

  13. Venkata KP, Sudip M, Saritha V, Raju DN, Obaidat MS (2017) An efficient learning automata based task offloading in mobile cloud computing environments. In: 2017 IEEE international conference on communications (ICC). IEEE, pp 1–6

  14. Nagaraju D, Saritha V (2016) A survey on communicational issues in mobile cloud computing. Walailak J Sci Technol (WJST) 14(10):1–10

    Google Scholar 

  15. Nagaraju D, Saritha V (2017) An evolutionary multi-objective approach for resource scheduling in mobile cloud computing. Int J Intell Eng Syst 10(1):12–21

    Google Scholar 

  16. Qwasmi N, Ahmed F, Liscano R (2011) Simulation of DDoS attacks On P2P networks. In: IEEE 13th international conference on high performance computing and communications (HPCC), pp 610–614

  17. Sengar H (2009) Overloading vulnerability of VoIP networks. In: IEEE/IFIP international conference on dependable systems & networks, pp 419–428

  18. Tritilanunt S, Sivakorn S, Juengjincharoen C, Siripornpisan A (2010) Entropy-based input-output traffic mode detection scheme for DoS/DDoS attacks. In: IEEE ISCIT, pp 804–809

  19. Jha RK, Dalal UD (2011) On demand cloud computing performance analysis with low cost for QoS application. In: International conference on multimedia, signal processing and communication technologies (IMPACT), pp 268–271

  20. https://www.riverbed.com/in/products/steelcentral/opnet.html?redirect=opnet. Accessed on 15 June 2017

  21. https://www.globenewswire.com/news-elease/2010/12/29/436872/209987/en/OPNET-Introduces-Cloud-Readiness-Performance-Assessment-Service.html. Accessed on 24 April 2017

  22. Chen Z, Jiang F, Cheng Y, Gu X, Liu W, Peng J (2018) Xgboost classifier for ddos attack detection and analysis in SDN-based cloud. In: 2018 IEEE international conference on big data and smart computing (BigComp). IEEE, pp 251–256

  23. Madhupriya G, Shalinie SM, Rajeshwari AR (2018). Detecting DDoS attack in cloud computing using local outlier factors. In: 2018 2nd international conference on trends in electronics and informatics (ICOEI). IEEE, pp 859–863

  24. Bhardwaj A, Goundar S (2018) Algorithm for secure hybrid cloud design against DDoS attacks. Int J Inf Technol Web Eng (IJITWE) 13(4):61–77

    Article  Google Scholar 

  25. John J, Norman J (2019) Major vulnerabilities and their prevention methods in cloud computing. Advances in big data and cloud computing. Springer, Singapore, pp 11–26

    Chapter  Google Scholar 

  26. Alzahrani S, Hong L (2018) Detection of distributed denial of service (DDoS) attacks using artificial intelligence on cloud. In: 2018 IEEE world congress on services (SERVICES). IEEE, pp 35–36

  27. Pandey VC, Peddoju SK, Deshpande PS (2018) A statistical and distributed packet filter against DDoS attacks in Cloud environment. Sādhanā 43(3):32

    Article  Google Scholar 

  28. Jeyanthi N, Iyengar NCS, Kumar PM, Kannammal A (2013) An enhanced entropy approach to detect and prevent DDoS in cloud environment. Int J Commun Netw Inf Secur 5(2):110

    Google Scholar 

  29. Misra S, Krishna PV, Abraham KI, Sasikumar N, Fredun S (2010) An adaptive learning routing protocol for the prevention of distributed denial of service attacks in wireless mesh networks. Comput Math Appl 60(2):294–306

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of CSE, Bharatiyar University, Coimbatore, India

    Qubeb Shaik Mohammed Penukonda

  2. Department of CSE, PSG Institute of Technology and Applied Research, Coimbatore, 641062, India

    Ilango Paramasivam

Authors
  1. Qubeb Shaik Mohammed Penukonda
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ilango Paramasivam
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qubeb Shaik Mohammed Penukonda.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Shaik Mohammed Penukonda, Q., Paramasivam, I. Design and analysis of behaviour based DDoS detection algorithm for data centres in cloud. Evol. Intel. 14, 395–404 (2021). https://doi.org/10.1007/s12065-019-00244-3

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12065-019-00244-3

Keywords

Search

Navigation