The Research Of DDoS Detection Algorithm In Cloud Environment

In recent years,cloud computing has become the mainstream computing model of the Internet.Cloud computing has the characteristics of on-demand self-service,ubiquitous access,resource pooling,resilient service and service measurable.Cloud computing provides three service modes: Infrastructure as a Service(IaaS),Platform as a Service(PaaS),and Software as a Service(SaaS).Based on the features and service patterns of cloud computing,cloud computing users can freely rent cloud services to meet their own computing needs.Cloud computing resources can be obtained on demand so that users of cloud computing services can significantly reduce computing costs and maintenance costs.Although cloud computing has many advantages and conveniences,security issues are still remain that cannot be ignored.Among the many security issues that cloud platforms face,DDoS attacks are the major security threats that affect the availability of cloud platform services.On the one hand,traditional DDoS attacks still threaten cloud computing platforms.On the other hand,new type of DDoS attacks have emerged for the cloud computing environments,such as the EDoS attack.In recent years,the number of IOT devices is in an explosive period,which has greatly increased the number of botnets,and the number of DDoS attacks faced by cloud environments will increase further.Therefore,it is necessary to study the DDoS attack defense in the cloud environment.The DDoS attack detection in the cloud environment is particularly important as the first line of defense for DDoS attack.In this paper,the following two methods are proposed for DDoS attack detection in the cloud environment.DDoS detection scheme using affinity propagation algorithm and chaos theory for cloud environment.In order to handle the characteristics of large scale of host,large difference in hosts traffic behavior and high traffic complexity in cloud computing environment.Firstly,we use affinity propagation algorithm to cluster the host according to traffic behavior characteristics.Then,we use the time series of each host class' s traffic to develop prediction model,and use the chaotic analysis method to analyze the traffic flow prediction error.According to the Lyapunov exponent,we can judge whether there is DDoS attack on the host class' s traffic.Proposes a DDoS attack detection method based on deep learning model.By analyzing the structural characteristics of network traffic in the cloud environment and incorporating the principle of DDoS attacks,a deep learning model is introduced.And design a traffic processing method suitable for DDoS attack detection to input traffic into the model.Using the learning and analysis capabilities of the deep learning model,the traffic in the cloud environment is identified to achieve the purpose of detecting DDoS attacks.In addition to two detection algorithms,this paper also designs a cloud environment DDoS attack experimental platform.The complete attacker-to-victim chain is constructed by combining hardware facilities and software tools.The platform capture real traffic data through the network traffic capture module and then uses the detection algorithm module to perform the detection.This makes the experimental environment of this article closer to the real network.