论文信息 - Self-learning method for DDoS detection model in cloud computing

Self-learning method for DDoS detection model in cloud computing

Cloud Computing has many significant benefits like the provision of computing resources and virtual networks on demand. However, there is the problem to assure the security of these networks against Distributed Denial-of-Service (DDoS) attack. Over the past few decades, the development of protection method based on data mining has attracted many researchers because of its effectiveness and practical significance. Most commonly these detection methods use prelearned models or models based on rules. Because of this the proposed DDoS detection methods often failure in dynamically changing cloud virtual networks. In this paper, we purposed self-learning method allows to adapt a detection model to network changes. This is minimized the false detection and reduce the possibility to mark legitimate users as malicious and vice versa. The developed method consists of two steps: collecting data about the network traffic by Netflow protocol and relearning the detection model with the new data. During the data collection we separate the traffic on legitimate and malicious. The separated traffic is labeled and sent to the relearning pool. The detection model is relearned by a data from the pool of current traffic. The experiment results show that proposed method could increase efficiency of DDoS detection systems is using data mining.

[1] Andrei V. Gurtov,et al. Detecting the Origin of DDoS Attacks in OpenStack Cloud Platform Using Data Mining Techniques , 2016, NEW2AN.

[2] Wanlei Zhou,et al. Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks , 2011, J. Netw. Comput. Appl..

[3] A. B. M. Shawkat Ali,et al. A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing , 2012, Future Gener. Comput. Syst..

[4] Marcos A. Simplício,et al. A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing , 2011, CloudCom.

[5] Kim-Kwang Raymond Choo,et al. Google Drive: Forensic analysis of data remnants , 2014, J. Netw. Comput. Appl..

[6] Nikolay Borissov,et al. Cloud Computing – A Classification, Business Models, and Research Directions , 2009, Bus. Inf. Syst. Eng..

[7] Igor V. Kotenko,et al. Investigation of DDoS Attacks by Hybrid Simulation , 2015, ICT-EurAsia/CONFENIS.

[8] Evgenia Novikova,et al. DDoS Attacks Detection in Cloud Computing Using Data Mining Techniques , 2016, ICDM.

[9] Wayne A. Jansen,et al. Cloud Hooks: Security and Privacy Issues in Cloud Computing , 2011, 2011 44th Hawaii International Conference on System Sciences.