Title
Machine Learning Based DDoS Attack Detection from Source Side in Cloud
Abstract
Denial of service (DOS) attacks are a serious threat to network security. These attacks are often sourced from virtual machines in the cloud, rather than from the attacker's own machine, to achieve anonymity and higher network bandwidth. Past research focused on analyzing traffic on the destination (victim's) side with predefined thresholds. These approaches have significant disadvantages. They are only passive defenses after the attack, they cannot use the outbound statistical features of attacks, and it is hard to trace back to the attacker with these approaches. In this paper, we propose a DOS attack detection system on the source side in the cloud, based on machine learning techniques. This system leverages statistical information from both the cloud server's hypervisor and the virtual machines, to prevent network packages from being sent out to the outside network. We evaluate nine machine learning algorithms and carefully compare their performance. Our experimental results show that more than 99.7% of four kinds of DOS attacks are successfully detected. Our approach does not degrade performance and can be easily extended to broader DOS attacks.
Year
2017
DOI
10.1109/CSCloud.2017.58
Venue
2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud)
Keywords
DDOS attack, Machine Learning, Cloud Computing, Virtual Machine Monitor, Cloud Provider
Field
Virtual machine, Denial-of-service attack, Computer security, Computer science, Network security, Server, Hypervisor, Feature extraction, Artificial intelligence, Anonymity, Machine learning, Cloud computing
DocType
Conference
ISBN
978-1-5090-6645-2
Citations
3
PageRank
0.36
References
12
Authors
3
Name
Order
Citations
PageRank
Zecheng He1255.05
Tianwei Zhang2346.63
Ruby Lee32460261.28