Detection Techniques for DDoS Attacks in Cloud Environment: Review Paper

  • Sultan T. Alanazi
  • Mohammed AnbarEmail author
  • Shankar Karuppayah
  • Ahmed K. Al-Ani
  • Yousef K. Sanjalawe
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 67)


Cloud computing security remains the goal of both cloud service providers and customers. With many of the security threats to the security of cloud computing, Distributed Denial of Service (DDoS) attacks is one of the most worrisome. The danger posed by the DDoS attacks are already known and continue to be the predominant security challenge in reaching an impervious and guaranteed safe cloud computing resources and service delivery. Many researchers have proposed many detection and defense techniques to protect cloud computing against DDoS attacks. In this paper, we present a review of many detection techniques that are useful in spotting DDoS attacks that are cloud-based and make a comparative analysis between them to find a suitable technique for spotting these cloud computing based DDoS attacks.


Cloud computing Distributed denial of service (DDoS) Detection techniques Prevention technique 



This research was supported by the Short-Term Research Grant, Universiti Sains Malaysia (USM) No: 304/PNAV/6313332.


  1. 1.
    Weng C, Guo M, Luo Y, Li M (2013) Hybrid CPU management for adapting to the diversity of virtual machines. IEEE Trans Comput 62(7):1332–1344MathSciNetCrossRefGoogle Scholar
  2. 2.
    Jin H et al (2011) A VMM-based intrusion prevention system in cloud computing environment. J Supercomput, pp 1–19Google Scholar
  3. 3.
    Lonea AM, Popescu DE, Tianfield H (2013) Detecting DDoS attacks in cloud computing environment. Int J Comput Commun Control 8(1):70–78CrossRefGoogle Scholar
  4. 4.
    Joshi B, Vijayan AS, Joshi BK (2012) Securing cloud computing environment against DDoS attacks. In: 2012 international conference on computer communication and informatics (ICCCI), pp 1–5Google Scholar
  5. 5.
    Yang SJ, Li YZ (2016) Design issues of enhanced DDoS protecting scheme under the cloud computing environment. In: Proceedings 2016 International Conference Networking and Network Application NaNA 2016, pp 178–183Google Scholar
  6. 6.
    Yang L, Zhang T, Song J, Wang JS, Chen P (2012) Defense of DDoS attack for cloud computing. In: CSAE 2012—Proceedings, 2012 IEEE international conference on computer science and automation engineering, vol 2, pp 626–629Google Scholar
  7. 7.
    Beale R (2011) Moving to the cloud; expect fog, no. FebruaryGoogle Scholar
  8. 8.
    Li J, Castiglione A, Dong C (2018) Special issue on security in cloud computing. J Netw Comput Appl 110(2017):97–98CrossRefGoogle Scholar
  9. 9.
    Khorshed MT, Ali ABMS, Wasimi SA (2012) Classifying different denial-of-service attacks in cloud computing using rule-based learning. Secur Commun Netw 5(11):1235–1247Google Scholar
  10. 10.
    Mell P, Grance T (2011) The NIST definition of cloud computing, recommendations of the national institute of standards and technology. National Institute of Standards and Technology, p 7Google Scholar
  11. 11.
    Mell P, Grance T (2009) On-demand self-service. Nist 15:10–15Google Scholar
  12. 12.
    Tsai W-T, Sun X, Balasooriya J (2010) Service-oriented cloud computing architecture. In: 2010 seventh international conference on information technology: new generations, 2010, pp 684–689Google Scholar
  13. 13.
    Bhuyan MH, Kashyap HJ, Bhattacharyya DK, Kalita JK (2014) Detecting distributed denial of service attacks: methods, tools and future directions. Comput J Oxford J 57(4):537–556CrossRefGoogle Scholar
  14. 14.
    Daffu P, Kaur A (2017) Mitigation of DDoS attacks in cloud computing. In: 2016 5th international conference on wireless networks and embedded systems, WECON 2016Google Scholar
  15. 15.
    Othman RAR (2000) Understanding the various types of denial of service attack no. URL: 2 June 2018
  16. 16.
    Meng B, Andi W, Jian X, Fucai Z (2017) DDOS attack detection system based on analysis of users’ behaviors for application layer. In: 2017 IEEE international conference computing science engineering, IEEE international conference embedded and ubiquitous computing, pp 596–599Google Scholar
  17. 17.
    Parwani D, Dutta A, Shukla PK, Tahiliyani M (2015) Various techniques of DDoS attacks detection and prevention at cloud: a survey. Orient J Comput Sci Technol 8(2):110–120Google Scholar
  18. 18.
    Sri KS, Lakshmi P (2017) DDoS attacks, detection parameters and mitigation in cloud environment, 3(01):1–4Google Scholar
  19. 19.
    Lonea AM, Popescu DE, Prostean O, Tianfield H (2013) Evaluation of experiments on detecting distributed denial of service (DDoS) attacks in eucalyptus private cloud. In: Advances in intelligent systems computing, vol 195 AISC, pp 367–379Google Scholar
  20. 20.
    Aghila G, Karnwal T (2012) A comber approach to protect cloud computing against XML DDoS and HTTP DDoS attackGoogle Scholar
  21. 21.
    Negi P, Mishra A, Gupta BB (2013) Enhanced CBF packet filtering method to detect DDoS attack in cloud computing environment. Arxiv, pp 2–6Google Scholar
  22. 22.
    Gul I, Hussain M (2011) Distributed cloud intrusion detection model. Int J Adv Sci Technol 34:71–82Google Scholar
  23. 23.
    Bakshi A, Yogesh B (2010) Securing cloud from DDOS attacks using intrusion detection system in virtual machine. In: 2nd international conference communication software networks, ICCSN 2010, pp 260–264Google Scholar
  24. 24.
    Lo CC, Huang CC, Ku J (2010) A cooperative intrusion detection system framework for cloud computing networks. In: Proceedings of international conference parallel processing workshop, pp 280–284Google Scholar
  25. 25.
    Wang B, Zheng Y, Lou W, Hou YT (2015) DDoS attack protection in the era of cloud computing and software-defined networking. Comput Netw 81:308–319CrossRefGoogle Scholar
  26. 26.
    Marnerides AK, Spachos P, Chatzimisios P, Mauthe AU (2015) Malware detection in the cloud under ensemble empirical mode decomposition. In: 2015 International Conference Computing Network Communication, pp 82–88Google Scholar
  27. 27.
    Vissers T, Somasundaram TS, Pieters L, Govindarajan K, Hellinckx P (2014) DDoS defense system for web services in a cloud environment. Futur Gener Comput Syst 37:37–45CrossRefGoogle Scholar
  28. 28.
    Shamsolmoali, P, Zareapoor M (2014) Statistical-based filtering system against DDOS attacks in cloud computing. In: Proceedings of the 2014 international conference on advances in computing, communications and informatics, ICACCI 2014, pp 1234–1239Google Scholar
  29. 29.
    Choi J, Choi C, Ko B, Kim P (2014) A method of DDoS attack detection using HTTP packet pattern and rule engine in cloud computing environment. Soft Comput 18(9):1697–1703CrossRefGoogle Scholar
  30. 30.
    Alqahtani S, Gamble RF (2015) DDoS attacks in service clouds. In: Proceedings of annual Hawaii international conference system science, vol 2015–March, pp 5331–5340Google Scholar
  31. 31.
    Zakarya M (2013) DDoS verification and attack packet dropping algorithm in cloud computing. World Appl Sci J 23(11):1418–1424Google Scholar
  32. 32.
    Ismail MN, Aborujilah A, Musa S, Shahzad Aa (2013) Detecting flooding based DoS attack in cloud computing environment using covariance matrix approach. In: Proceedings of 7th international conference ubiquitous information management communication—ICUIMC ’13, no. January, pp 1–6Google Scholar
  33. 33.
    Choi J, Choi C, Ko B, Choi D, Kim P (2013) Detecting web based DDoS attack using MapReduce operations in cloud computing environment. J Internet Serv Inf Secur 8111:28–37Google Scholar
  34. 34.
    Dou W, Chen Q, Chen J (2013) A confidence-based filtering method for DDoS attack defense in cloud environment. Futur Gener Comput Syst 29(7):1838–1850CrossRefGoogle Scholar
  35. 35.
    Huang VSM, Huang R, Chiang M (2013) A DDoS mitigation system with multi-stage detection and text-based turing testing in cloud computing. In: Proceedings of 27th international conference advanced information networking application workshop. WAINA 2013, pp 655–662Google Scholar
  36. 36.
    Modi CN, Patel DR, Patel A, Muttukrishnan R (2012) Bayesian classifier and snort based network intrusion detection system in cloud computing. In: 2012 third international conference on computing communication networking technology, vol 39, pp 1–7Google Scholar
  37. 37.
    Cha B, Kim J (2011) Study of multistage anomaly detection for secured cloud computing resources in future internet. In: Proceedings of IEEE 9th international conference dependable, autonomic and secure computing DASC 2011, pp 1046–1050Google Scholar
  38. 38.
    Kaur P, Kumar M, Bhandari A (2017) A review of detection approaches for distributed denial of service attacks. Syst Sci Control Eng 5(1):301–320CrossRefGoogle Scholar
  39. 39.
    Prabadevi B, Jeyanthi N (2014) Distributed denial of service attacks and its effects on cloud environment-a survey. In: 2014 international symposium networks, computing communication, pp 1–5Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  • Sultan T. Alanazi
    • 1
  • Mohammed Anbar
    • 1
    Email author
  • Shankar Karuppayah
    • 1
  • Ahmed K. Al-Ani
    • 1
  • Yousef K. Sanjalawe
    • 1
  1. 1.National Advanced IPv6 CentreUniversiti Sains MalaysiaGelugorMalaysia

Personalised recommendations