Key points are not available for this paper at this time.
Cloud computing technique is commonly used by fast growing Internet-based applications. Moving to cloud computing results in reducing the cost of managing and maintaining IT infrastructure. Different organizations controls the cloud resources over internet using networking protocols and standards. This makes IT infrastructure distributed in nature but controlled centrally, which opens the door to the attackers for intrusions. Attacks as Distributed Denial of Service (DDoS) is one of the most popular intrusions in private cloud which cause a degradation of services being reduced or denial of services. In this work the sole focus is on DDoS attack which specifically targeted towards detection of bandwidth flooding and connection flooding. Such attacks target the network layer of the cloud set up with invalid requests and make it denial to legitimate requests. Thus, the entire cloud set up becomes vulnerable and can be disrupted by these DDoS attacks. To overcome this a cloud operating system which has an integrated firewall with DDoS detection system is required. Here a system with OpenStack integrated firewall and raw socket programming for monitoring the network traffic is proposed. Based on the dataset generated in controlled DDoS attack environment, algorithms such as Decision tree, K nearest neighbor (KNN), Naive Bayes and Deep Neural Network (DNN) algorithms are compared against the trained model. Eventually, DDoS attacks are detected, and administrator of the private cloud is notified.
Virupakshar et al. (Wed,) studied this question.