Abstract
Increasing interest in the adoption of cloud computing has exposed it to cyber-attacks. One of such is distributed denial of service (DDoS) attack that targets cloud bandwidth, services and resources to make it unavailable to both the cloud providers and users. Due to the magnitude of traffic that needs to be processed, data mining and machine learning classification algorithms have been proposed to classify normal packets from an anomaly. Feature selection has also been identified as a pre-processing phase in cloud DDoS attack defence that can potentially increase classification accuracy and reduce computational complexity by identifying important features from the original dataset, during supervised learning. In this work, we propose an ensemble-based multi-filter feature selection method that combines the output of four filter methods to achieve an optimum selection. An extensive experimental evaluation of our proposed method was performed using intrusion detection benchmark dataset, NSL-KDD and decision tree classifier. The result obtained shows that our proposed method effectively reduced the number of features from 41 to 13 and has a high detection rate and classification accuracy when compared to other classification techniques.
Highlights
Cloud computing provides individual and organisational users the on-demand, scalable and reliable computing resources and can be deployed as a public, private, community or hybrid cloud
The resulting output of the ensemble-based multi-filter feature selection (EMFFS) is determined by combining the output of each filter method and using a simple majority vote to determine the final selected feature
6 Conclusions One of the notable challenges faced by current network intrusion systems in cloud computing is the handling of massive internet traffic during distributed denial of service (DDoS) attacks
Summary
Cloud computing provides individual and organisational users the on-demand, scalable and reliable computing resources and can be deployed as a public, private, community or hybrid cloud. Despite the benefits offered by the use of cloud computing, it could be exploited or targeted by cybercriminals, including state-sponsored actors (see [3]). This is not surprising, as popular consumer technologies such as wireless sensor networks have been reportedly targeted [4, 5]. In its simplest form, a DDoS attacker seeks to Proposed DDoS defence techniques generally seek to classify packets as either legitimate or malicious and can be broadly categorised into signature-based or anomaly based. Signature-based detection is generally effective in detecting known attacks, while anomaly detection can potentially detect zero-day attacks. To overcome limitations associated with both approaches, hybrid solutions based on both techniques have been proposed in the literature [6]
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: EURASIP Journal on Wireless Communications and Networking
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.