Hypothesis Test for Low-rate DDoS Attack Detection in Cloud Computing Environment

Abstract Low-rate Distributed Denial of Service (LDoS) attack is another form of DDoS attack for disrupting the cloud services. It differs from DDoS attack in terms of attack volume. DDoS attacks usually have very high attack volume; however, LDoS have very low attack rate. Moreover, these attacks are launched periodically with high narrow spike and low frequency. The behavior of the LDoS attack traffic is very much close to the behavior of the normal traffic; therefore LDoS attacks are capable to bypass the DDoS detection system. Therefore, low-rate DDoS attacks can persist for longer time and endanger the victim. LDoS attacks fraudulently consume the cloud resources for prolonged period of time which raises the economic concerns of cloud-based service providers. This paper presents an effective approach to detect the presence of LDoS attack flow in cloud computing. The proposed approach perform hypothesis test based on t-statistic to identify the LDoS attack flows. To verify the claims made in the paper and to demonstrate the effectiveness of the proposed approach, several experiments are done with the help of suitable benchmark datasets.