DDoS Attack Detection and Clustering of Attacked and Non-attacked VMs Using SOM in Cloud Network

  • Nitesh BharotEmail author
  • Veenadhari Suraparaju
  • Sanjeev Gupta
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1046)


Cloud computing has gained more importance in the IT service model that offers cost-effective and scalable processing. It provides virtualized and on-demand services to the user over the internet using several networking protocols with exceptional flexibility. However, with the existing technologies and the vulnerabilities, it leads to the occurrence of several attacks in the cloud environment. Distributed Denial of Service (DDoS) is most dangerous among all the attacks which limit the cloud users to access service and resources. Therefore, the detection of DDoS in the network and the identification of attacked VMs is the most dominating task in the cloud environment. In this work, a novel DDoS attack detection mechanism is presented. The research is carried out as follows: (i) Initially DDoS attack is detected by identifying the maximum number of connections to the network, (ii) then the attacked virtual machine and non-attacked virtual machines will be clustered using Self-Organized Mapping (SOM) based Neural Network (NN). The experimental results exhibit that the presented system can efficiently detect DDoS attacks and cluster attack and non-attack VMs in an attacked cloud network. Moreover, these results demonstrate that the proposed DDoS attack prediction accuracy of 97.63% and precision of 95.4% and it is better than the existing technique.


Cloud computing Artificial neural network DDoS attack Self-organizing map Availability 


  1. 1.
    Zhang, L., et al.: Cloud manufacturing: a new manufacturing paradigm. Enterp. Inf. Syst. 8(2), 167–187 (2014)CrossRefGoogle Scholar
  2. 2.
    Ren, L., Zhang, L., Tao, F., Zhao, C., Chai, X., Zhao, X.: Cloud manufacturing: from concept to practice. Enterp. Inf. Syst. 9(2), 186–209 (2015)CrossRefGoogle Scholar
  3. 3.
    Ren, L., Zhang, L., Wang, L., Tao, F., Chai, X.: Cloud manufacturing: key characteristics and applications. Int. J. Comput. Integr. Manuf. 30(6), 501–515 (2017)CrossRefGoogle Scholar
  4. 4.
    Puthal, D., Sahoo, B.P.S., Mishra, S., Swain, S.: Cloud computing features, issues, and challenges: a big picture. In: 2015 International Conference on Computational Intelligence and Networks (CINE), pp. 116–123. IEEE (2015)Google Scholar
  5. 5.
    Sheikhi, A., Rayati, M., Bahrami, S., Ranjbar, A.M., Sattari, S.: A cloud computing framework on demand side management game in smart energy hubs. Int. J. Electr. Power Energy Syst. 64, 1007–1016 (2015)CrossRefGoogle Scholar
  6. 6.
    Banerjee, S., Paul, R., Biswas, U.: Cloud computing: a wave in service supply chain. In: Handbook of Research on Managerial Strategies for Achieving Optimal Performance in Industrial Processes, pp. 304–324 (2016)CrossRefGoogle Scholar
  7. 7.
    Wei, L., et al.: Security and privacy for storage and computation in cloud computing. Inf. Sci. 258, 371–386 (2014)CrossRefGoogle Scholar
  8. 8.
    Li, J., Li, Y.K., Chen, X., Lee, P.P., Lou, W.: A hybrid cloud approach for secure authorized deduplication. IEEE Trans. Parallel Distrib. Syst. 26(5), 1206–1216 (2015)CrossRefGoogle Scholar
  9. 9.
    Islam, T., Manivannan, D., Zeadally, S.: A classification and characterization of security threats in cloud computing. Int. J. Next-Gener. Comput. 7(1) (2016)Google Scholar
  10. 10.
    Somani, G., Gaur, M.S., Sanghi, D., Conti, M., Rajarajan, M., Buyya, R.: Combating DDoS attacks in the cloud: requirements, trends, and future directions. IEEE Cloud Comput. 4(1), 22–32 (2017)CrossRefGoogle Scholar
  11. 11.
    Yan, Q., Yu, F.R.: Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Commun. Mag. 53(4), 52–59 (2015)CrossRefGoogle Scholar
  12. 12.
    Osanaiye, O., Choo, K.K.R., Dlodlo, M.: Distributed denial of service (DDoS) resilience in cloud: review and conceptual cloud DDoS mitigation framework. J. Netw. Comput. Appl. 67, 147–165 (2016)CrossRefGoogle Scholar
  13. 13.
    Somani, G., Gaur, M.S., Sanghi, D., Conti, M., Buyya, R.: DDoS attacks in cloud computing. Comput. Commun. 107(C), 30–48 (2017)CrossRefGoogle Scholar
  14. 14.
    Poornima, A., Maheshwari, D.: A study on denial of service attacks in cluster based web servers. World Sci. News 41, 240 (2016)Google Scholar
  15. 15.
    Bhuyan, M.H., Kashyap, H.J., Bhattacharyya, D.K., Kalita, J.K.: Detecting distributed denial of service attacks: methods, tools and future directions. Comput. J. 57(4), 537–556 (2013)CrossRefGoogle Scholar
  16. 16.
    Todorova, M.S., Todorova, S.T.: DDoS Attack detection in SDN-based VANET architectures (2016)Google Scholar
  17. 17.
    Mollah, M.B., Azad, M.A.K., Vasilakos, A.: Security and privacy challenges in mobile cloud computing: Survey and way ahead. J. Netw. Comput. Appl. 84, 38–54 (2017)CrossRefGoogle Scholar
  18. 18.
    Yu, Y., Miyaji, A., Au, M.H., Susilo, W.: Cloud computing security and privacy: standards and regulations (2017)CrossRefGoogle Scholar
  19. 19.
    Bharot, N., Verma, P., Sharma, S., Suraparaju, V.: Distributed denial-of-service attack detection and mitigation using feature selection and intensive care request processing unit. Arab J. Sci. Eng. 43, 959–967 (2018)CrossRefGoogle Scholar
  20. 20.
    Bharot, N., Verma, P., Suraparaju, V., Gupta, S.: Mitigating distributed denial of service attack in cloud computing environment using threshold based technique. Indian J. Sci. Technol. 9(38), 1–7 (2016)CrossRefGoogle Scholar
  21. 21.
    Han, Y., Alpcan, T., Chan, J., Leckie, C., Rubinstein, B.I.: A game theoretical approach to defend against co-resident attacks in cloud computing: preventing co-residence using semi-supervised learning. IEEE Trans. Inf. Forensics Secur. 11(3), 556–570 (2016)CrossRefGoogle Scholar
  22. 22.
    Jabir, R.M., Khanji, S.I.R., Ahmad, L.A., Alfandi, O., Said, H.: Analysis of cloud computing attacks and countermeasures. In: 2016 18th International Conference on Advanced Communication Technology (ICACT), pp. 117–123. IEEE (2016)Google Scholar
  23. 23.
    Chen, K.Y., Junuthula, A.R., Siddhrau, I.K., Xu, Y., Chao, H.J.: SDNShield: towards more comprehensive defense against DDoS attacks on SDN control plane. In: 2016 IEEE Conference on Communications and Network Security (CNS), pp. 28–36 (2016)Google Scholar
  24. 24.
    Prasad, K.M., Reddy, A.M., Rao, K.V.: BARTD: bio-inspired anomaly based real time detection of under rated App-DDoS attack on web. J. King Saud Univ. – Comput. Inf. Sci. (2017)Google Scholar
  25. 25.
    Lee, S.M., Kim, D.S., Lee, J.H., Park, J.S.: Detection of DDoS attacks using optimized traffic matrix. Comput. Math Appl. 63(2), 501–510 (2012)CrossRefGoogle Scholar
  26. 26.
    Kohonen, T.: The self-organizing map. Proc. IEEE 78(9), 1464–1480 (1990)CrossRefGoogle Scholar
  27. 27.
    Prasad, K.M., Reddy, A.R.M., Rao, K.V.: BARTD: Bio-inspired anomaly based real time detection of under rated App-DDoS attack on web. J. King Saud Univ.-Comput. Inf. Sci. (2017)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  • Nitesh Bharot
    • 1
    Email author
  • Veenadhari Suraparaju
    • 1
  • Sanjeev Gupta
    • 1
  1. 1.Rabindranath Tagore UniversityRaisenIndia

Personalised recommendations