
TruCT Cloud effectively detects distributed denial of service (DDoS) attacks in cloud environments while protecting the sensitive traffic information of legitimate users.
Authors
Udit Mamodiya, Faculty of Engg. & Technology, Poornima University, Rajasthan, Jaipur, India
Sunil Kr Pandey, Dept. of Information Technology, Institute of Technology & Science, Uttar Pradesh, Ghaziabad, India
V Neela, School of Computing and I.T., REVA University, Bengaluru, India
Priyanka Sisodia, Faculty of Comp. & Informatics, S.P.S. University, Rajasthan, Udaipur, India
K Nandagopal, Department of Mathematics, Mohan Babu University, Andhrapradesh, Tirupati, India
Subarno Bhattacharyya, Assistant Director, Office of D.L. and Online Edu, O.P. Jindal Global University, Sonipat, Haryana, India
Summary
To address the problems associated with distributed denial of service (DDoS) attacks in the cloud, where encrypted attack traffic is more substantial in scale, more discreet, and simpler to set up, this paper proposes a trust-based DDoS detection method for encrypted traffic in the cloud environment, named TruCT Cloud. The technique adds the concept of trust to current machine learning-based DDoS attack detection systems. It combines the security authentication of the cloud service itself with a trust evaluation mechanism based on signature and environmental factors to filter the apparently non-attack traffic of legitimate tenants, without the need for encrypted traffic. For the remaining encrypted and non-encrypted traffic, five features are introduced: the median value of flow packets, the median value of flow bytes, the convection ratio, the port speed increase, and the source IP speed increase. A Ball-tree is constructed from these features, and a traffic classification algorithm based on k-nearest neighbours (kNN) is proposed. Finally, the proposed method is tested in an OpenStack cloud environment. The experiments show that TruCT Cloud can quickly detect abnormal traffic and identify the early traffic of DDoS attacks while effectively protecting the sensitive traffic information of legitimate users.
Published in: 2024 International Conference on Augmented Reality, Intelligent Systems, and Industrial Automation, ARIIA 2024
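The Ball-tree and kNN classification stage described in the summary, as an added example that is not the paper's code: a pure-Python Ball-tree with kNN majority voting over the five named features. The feature values, labels, `leaf_size` and k=3 are constructed assumptions; the summary does not define how the features are computed or scaled, and the trust-filtering stage is not modelled here.

```python
import heapq
import math

# Feature order follows the summary; every value below is constructed and
# already scaled to [0, 1]: median flow packets, median flow bytes,
# convection ratio, port speed increase, source IP speed increase.
TRAIN = [
    ([0.62, 0.58, 0.85, 0.05, 0.04], "normal"),
    ([0.55, 0.60, 0.80, 0.08, 0.06], "normal"),
    ([0.48, 0.52, 0.75, 0.10, 0.09], "normal"),
    ([0.10, 0.08, 0.10, 0.90, 0.95], "attack"),
    ([0.12, 0.10, 0.15, 0.85, 0.88], "attack"),
    ([0.20, 0.18, 0.25, 0.60, 0.65], "attack"),  # early-stage sample
]

class Ball:
    def __init__(self, items, leaf_size=2):
        pts = [p for p, _ in items]
        dims = range(len(pts[0]))
        self.center = [sum(p[d] for p in pts) / len(pts) for d in dims]
        self.radius = max(math.dist(self.center, p) for p in pts)
        self.items, self.kids = items, []
        if len(items) > leaf_size:
            # Split at the median of the dimension with the widest spread.
            d = max(dims, key=lambda i: max(p[i] for p in pts) - min(p[i] for p in pts))
            ordered = sorted(items, key=lambda it: it[0][d])
            mid = len(ordered) // 2
            self.kids = [Ball(ordered[:mid], leaf_size), Ball(ordered[mid:], leaf_size)]

def search(node, q, k, heap):
    # heap stores (-distance, label); heap[0] is the worst of the k best so far.
    if len(heap) == k and math.dist(q, node.center) - node.radius >= -heap[0][0]:
        return  # nothing inside this ball can beat the current k-th neighbour
    if not node.kids:
        for p, label in node.items:
            heapq.heappush(heap, (-math.dist(q, p), label))
            if len(heap) > k:
                heapq.heappop(heap)  # drop the farthest candidate
    for kid in sorted(node.kids, key=lambda n: math.dist(q, n.center)):
        search(kid, q, k, heap)

def neighbours(tree, q, k=3):
    heap = []
    search(tree, q, k, heap)
    return sorted((-nd, label) for nd, label in heap)

def classify(tree, q, k=3):
    labels = [label for _, label in neighbours(tree, q, k)]
    return max(set(labels), key=labels.count)  # majority vote
```

The pruning test in `search` is what the Ball-tree buys over a linear scan: a whole subtree is skipped when its nearest possible point is no closer than the current k-th neighbour.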