LRDADF: An AI enabled framework for detecting low-rate DDoS attacks in cloud computing environments

Abstract

DDoS attacks, also known as distributed denial-of-service attacks, pose a significant risk to networks in the cloud. The attackers aim to flood the target system with an overwhelming amount of data and requests until it becomes completely overloaded and unable to function properly. These attacks are becoming smarter and more dangerous all the time. A low-rate DDoS attack is one such strategy that makes detection difficult. At the same time, cloud infrastructure is rapidly evolving. Container-based technology makes it possible for cloud computing to use resources efficiently and scale services in a flexible way. Existing methods for detecting DDoS attacks in cloud computing are insufficient when adversaries use low-rate DDoS attacks. A method is required that can not only identify the attack but also prevent it to some extent. A Low-Rate DDoS Attack Detection Framework (LRDADF) was proposed for this purpose when adversaries use low-rate DDoS attacks. A comprehensive approach is required because low-rate DDoS attacks are difficult to detect. In addition to employing deep learning methods to detect such attacks, we proposed a mathematical model to realize a mitigation strategy. As a result, we proposed a new algorithm called the Hybrid Approach for Low-Rate DDoS Detection (HA-LRDD). The algorithm employs an AI-enabled method comprised of deep convolutional neural networks (CNN) and a deep auto encoder. We defined another algorithm called Dynamic Low-Rate DDoS Mitigation (DLDM), which mitigates the impact of an attack once it has been identified. It also ensures that the attack is defeated and that the infrastructure continues to operate. A comprehensive simulation study revealed that the proposed framework is capable of detecting and mitigating low-rate DDoS attacks to ensure an acceptable level of service in cloud computing environments.