Towards a Proactive System of DDoS Attacks Detection in the Cloud

Nowadays, cloud computing becoming a vital technology for organization and users by providing services through the internet. Flexibility, Efficiency, high scalability, and cost effective are the main advantages of cloud computing. However, cloud computing still suffers against attacks that threat its availability, especially DDoS attacks. This type of attack makes service unavailable by sending a huge number of flows generated by different distributed devices. High false positive rate, high time detection and high computing cost are the main challenges of exiting system of attack detection in the cloud. In this paper, we present new approach to detect DDoS attack in the cloud based on time series analysis and machine learning techniques. Statistical methods and deep learning are used to forecast the number of normal flows in the next minute, if the number of received flows is far exceeded the forecasted number, a preprocessing process is trigged followed by classifier to differ between DDoS attack and normal flows. Our system is evaluated by using public dataset CIDDS-001 and satisfactory results obtained an accuracy of an accuracy of 100%, a f1-score of 99.96% and a time detection of 0.29 s.