Skip to main content
SpringerLink
Log in

A Deep Reinforcement Learning-based DDoS Attack Mitigation Scheme for Securing Big Data in Fog-Assisted Cloud Environment

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Cloud computing is supported by Fog computing paradigm for achieving local data investigation at edge devices by offering storage support, infrastructure, computing and network facilities to end users. Availability is considered as the important security requirement for facilitating disruptive utilization of on-demand cloud service for diverse client applications. Seamless services of clouds are hindered by Distributed Denial of Service (DDoS) attacks in a cloud computing environment. In this paper, Deep Reinforcement Learning (DRL) and Long Short Term Memory (LSTM)-based DDoS attack mitigation scheme is propounded for handling the impacts of DDoS attacks in fog-assisted cloud computing environment. In the proposed scheme, Software Defined Network (SDN) is utilized for deploying defense module in the SDN controller for the purpose of identifying anomalous characteristics of DDoS attack in transport or network layer. It aids in filtering and forwarding legitimate packets by performing network traffic analysis while circumventing attacks caused by infected packets.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

Data Availability

The data that support the findings of this study are available from the corresponding author upon reasonable request.

References

  1. Bawany, N. Z., Shamsi, J. A., & Salah, K. (2017). DDoS attack detection and mitigation using SDN: Methods, practices, and solutions. Arabian Journal for Science and Engineering, 42(2), 425–441.

    Article  Google Scholar 

  2. Berral, J. L., Poggi, N., Alonso, J., Gavaldà, R., Torres, J., & Parashar, M. (2008). Adaptive distributed mechanism against flooding network attacks based on machine learning. In Proceedings of 1st ACM workshop on Workshop on AISec - AISec '08, 1(1), (pp. 67–74).

  3. Cui, J., He, J., Xu, Y., & Zhong, H. (2018). TDDAD: Time-based detection and defense scheme against DDoS attack on SDN controller. Information Security and Privacy, 1(1), 649–665.

    Article  Google Scholar 

  4. Elhassouny, A., & Smarandache, F. (2019). Trends in deep convolutional neural networks architectures: A review. In International conference of computer science and renewable energies (ICCSRE), 1(1),(pp. 87–96)

  5. Sengathir J., Deva Priya M. (2021). Improved Artificial Bee Colony using Monarchy Butterfly Optimization Algorithm for Load Balancing (IABC-MBOA-LB) in Cloud Environment, Journal of Networks and Systems Management (Vol. 29, No. 39) Springer. ISSN: 1573-7705.

  6. Deva Priya M., Muhammad Haaris J., Poovizhi Selvan C.Y., Ruban R., Sengathir J. (2021). “Batch Signature-based Verification of Data Computation in Cloud Applications” in the 6th International Conference on Recent Trends in Computing (ICRTC 2020), Lecture Notes in Networks and Systems (Vol. 177, pp. 733–747) Springer.

  7. Deva Priya M., Amirthavarsini G., Angu Kaushika S., Deeptheshanmathie K. (2022). “A Cloud based Trusted Framework for Industrial Connected Vehicles” in the International Conference on Recent Trends in Computing (ICRTC 2021), Lecture Notes in Networks and Systems (Vol. 341, pp. 201–211) Springer.

  8. Kumar, A., Abhishek, K., Liu, X., & Haldorai, A. (2021). An efficient privacy-preserving id centric authentication in iot based cloud servers for sustainable smart cities. Wireless Personal Communications, 117, 3229–3253.

  9. Giotis, K., Argyropoulos, C., Androulidakis, G., Kalogeras, D., & Maglaris, V. (2014). Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Computer Networks, 62(1), 122–136.

    Article  Google Scholar 

  10. Durai, K. N., Subha, R., & Haldorai, A. (2021). A novel method to detect and prevent SQLIA using ontology to cloud web security. Wireless Personal Communications, 117(4), 2995–3014.

  11. Ha, T., Kim, S., An, N., Narantuya, J., Jeong, C., Kim, J., & Lim, H. (2016). Suspicious traffic sampling for intrusion detection in software-defined networks. Computer Networks, 109(1), 172–182.

    Article  Google Scholar 

  12. Li, Q., Meng, L., Zhang, Y., & Yan, J. (2019). DDoS attacks detection using machine learning algorithms. Digital TV and Multimedia Communication, 1(1), 205–216.

    Article  Google Scholar 

  13. Mihai-Gabriel, I., & Victor-Valeriu, P. (2014). Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory. In 15th IEEE International symposium on computational intelligence and informatics (CINTI), 1(1), (pp. 21–32).

  14. Santos, R., Souza, D., Santo, W., Ribeiro, A., & Moreno, E. (2019). Machine learning algorithms to detect DDoS attacks in SDN. Concurrency and Computation: Practice and Experience, 1(1), e5402.

    Google Scholar 

  15. Saxena, R., & Dey, S. (2019). DDoS attack prevention using collaborative approach for cloud computing. Cluster Computing, 1(1), 23–31.

    Google Scholar 

  16. Shon, T, Kim, Y, Lee, C & Jongsub Moon. (2005.). A machine learning framework for network anomaly detection using SVM and GA. In proceedings from the sixth annual IEEE systems, man and cybernetics (SMC) information assurance workshop, 1(1), (pp. 56–64).

  17. Wang, C., Miu, T. T., Luo, X., & Wang, J. (2018). SkyShield: A sketch-based defense system against application layer DDoS attacks. IEEE Transactions on Information Forensics and Security, 13(3), 559–573.

    Article  Google Scholar 

  18. Manikopoulos, C., & Papavassiliou, S. (2002). Network intrusion and fault detection: A statistical anomaly approach. IEEE Communications Magazine, 40(10), 76–82.

    Article  Google Scholar 

  19. Seufert, S., & O'Brien, D. (2007). Machine learning for automatic defence against distributed denial of service attacks. In IEEE international conference on communications, 1(2), (pp. 67–73)

  20. Kumar, P. A. R., & Selvakumar, S. (2013). Detection of distributed denial of service attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems. Computer Communications, 36(3), 303–319.

    Article  Google Scholar 

  21. He, Z., Zhang, T., & Lee, R. B. (2017). Machine learning based DDoS attack detection from source side in cloud. In 4th IEEE international conference on cyber security and cloud computing (CSCloud), 1(1), (pp. 23–32).

  22. Yuan, X., Li, C., & Li, X. (2017). DeepDefense: Identifying DDoS attack via deep learning. In IEEE international conference on smart computing (SMARTCOMP) (pp. 1–8).

  23. Li, C., Wu, Y., Yuan, X., Sun, Z., Wang, W., Li, X., & Gong, L. (2018). Detection and defense of DDoS attack-based on deep learning in openflow-based SDN. International Journal of Communication Systems, 31(5), e3497.

    Article  Google Scholar 

  24. Priyadarshini, R., & Barik, R. K. (2019). A deep learning based intelligent framework to mitigate DDoS attack in fog environment. Journal of King Saud University–Computer and Information Sciences, 2(1), 23–38.

    Google Scholar 

  25. Bhardwaj, A., Mangat, V., & Vig, R. (2020). Hyperband tuned deep neural network with well posed stacked sparse autoencoder for detection of DDoS attacks in cloud. IEEE Access, 8, 181916–181929.

    Article  Google Scholar 

  26. Kachavimath, A. V., & Narayan, D. G. (2021). A deep learning-based framework for distributed denial-of-service attacks detection in cloud environment. In Advances in computing and network communications: proceedings of CoCoNet 2020, Volume 1 (pp. 605–618). Springer Singapore.

  27. Gudla, S. P. K., Bhoi, S. K., Nayak, S. R., & Verma, A. (2022). DI-ADS: A deep intelligent distributed denial of service attack detection scheme for fog-based IoT applications. Mathematical Problems in Engineering, 2022, 1–17.

    Article  Google Scholar 

  28. Alzahrani, R. J., & Alzahrani, A. (2023). A novel multi algorithm approach to identify network anomalies in the IoT using Fog computing and a model to distinguish between IoT and Non-IoT devices. Journal of Sensor and Actuator Networks, 12(2), 19.

    Article  Google Scholar 

  29. Yan, Q., Yu, F. R., Gong, Q., & Li, J. (2016). Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Communications Surveys and Tutorials, 18(1), 602–622.

    Article  Google Scholar 

  30. Zekri, M., Kafhali, S. E., Aboutabit, N., & Saadi, Y. (2017). DDoS attack detection using machine learning techniques in cloud computing environments. In 3rd international conference of cloud computing technologies and applications (CloudTech), 1(1) (pp. 21–34).

  31. https://www.sciencedirect.com/topics/computer-science/floodlight-controller

  32. https://www.tensorflow.org/guide/keras/training_keras_models_on_cloud

  33. https://www.unb.ca/cic/datasets/ids.html

  34. https://www.kali.org/tools/hping3/

Download references

Funding

This research work has not received any funding from any organization.

Author information

Authors and Affiliations

  1. Department of Information Technology, CVR College of Engineering, Mangalpally, Vastunagar, Hyderabad, Telangana, India

    Sengathir Janakiraman

  2. Department of Computer Science and Engineering, Sri Eshwar College of Engineering, Coimbatore, Tamilnadu, India

    M. Deva Priya

Authors
  1. Sengathir Janakiraman
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. M. Deva Priya
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to M. Deva Priya.

Ethics declarations

Conflicts of interest

The authors declare that ther is no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Janakiraman, S., Deva Priya, M. A Deep Reinforcement Learning-based DDoS Attack Mitigation Scheme for Securing Big Data in Fog-Assisted Cloud Environment. Wireless Pers Commun 130, 2869–2886 (2023). https://doi.org/10.1007/s11277-023-10407-2

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-023-10407-2

Keywords

Search

Navigation