Two Phase Detection Process to Mitigate LRDDoS Attack in Cloud Computing Environment

Abstract

Distributed Denial of Service (DDoS) is a major attack carried out by attackers leveraging critical cloud computing technologies. DDoS attacks are carried out by flooding the victim servers with a massive volume of malicious traffic over a short period, Because of the enormous amount of malicious traffic, such assaults are easily detected. As a result, DDoS operations are increasingly appealing to attackers due to their stealth and low traffic rates, DDoS assaults with low traffic rates are also difficult to detect. In recent years, there has been a lot of focus on defense against low-rate DDoS attacks. This paper presents a two-phase detection technique for mitigating and reducing LRDDoS threats in a cloud environment. The proposed model includes two phases: one for calculating predicted packet size and entropy, and another for calculating the covariance vector. In this model, each cloud user accesses the cloud using the virtual machine, which has a unique session ID. This model identifies all LRDDoS assaults that take place by using different protocols (TCP, UDP, ICMP). The experiment's findings demonstrate, how the suggested data packet size, IP address, and flow behavior is used to identify attacks and prevent hostile users from using cloud services. The VM instances used by different users are controlled by this dynamic mitigation mechanism, which also upholds the cloud service quality. The results of the experiments reveal that the suggested method identifies LRDDoS attacks with excellent accuracy and scalability.