Research On DDoS Attack Detection Technology For Cloud Computing

With the rapid development and deep application of science and technology,people's way of life is changed by cloud computing constantly.It includes common network technologies such as parallel computing,utility computing,virtualization,distributed computing and load balancing and hot backup.Cloud computing has changed the architecture and operation mode of the traditional IT industry,which enables people to manage and control the physical world more rapidly,intelligently and in low cost.While,with the development and improvement of cloud computing technology,the cost and threshold of cloud computing are gradually reduced.More and more distributed denial-of-service attack sources appear in the cloud environment,which poses a serious threat to the entire cloud network space security and also consumes a large amount of cloud computing resources,and which affects the normal use of cloud tenants.How to detect DDoS attacks efficiently in the cloud has become a pressing issue for the moment.This paper focuses on the research of DDoS attack detection method in cloud computing environment and proposes a detection method based on information entropy,machine learning and bag-of-words model in view of the characteristics of traditional DDoS attacks in cloud environment.The main research results in this paper are as follows:(1)Aiming at the problem that DDoS attacks with multiple attack intensity exist in cloud which causes attack detection difficult,this paper proposes a cloud DDoS attack detection method based on information entropy and naive bayes,considering the characteristics and overhead of cloud environment.By calculating the traffic entropy of related node virtual machine,this paper combines the naive bayes classification method to detect the suspicious attack flow.Compared with other machine learning classifiers and traditional information entropy detection methods,the design experiment verifies that the proposed detection method has good performance in detecting different attack intensity of DDoS attacks in cloud.(2)Aiming at the problem that the threshold value is difficult to be determined in the traditional DDoS attack detection method based on the traffic entropy,this paper presents DDoS attack detection method in cloud based on K-means and the bag-of-words model.This method uses the bag-of-words model and clustering method to identify the DDoS attack traffic according to the key point histogram.Experimental results show that this method has the advantages of high recognition rate and shorter training time,which provides an efficient way for detecting DDoS attacks in complex cloud computing environment.To sum up,this paper mainly studies the DDoS attack detection technology in the cloud computing environment,and detects DDoS attacks in cloud based on information entropy,machine learning and bag of words,to a certain extent,to ensure the security of cloud environment and the normality of cloud tenants' use.