Framework for DDoS Detection in Cloud Environment using Machine Learning Techniques
Keywords:
Chi-square feature selection, CICIDS2017 dataset, Classification, Cloud security, DDoS detection, Intrusion Detection System (IDS), Machine learning, Network traffic, NSL-KDD dataset, Real-time threat detection, XGBoost classifier
Abstract
Cloud computing offers users scalable, on-demand services, but its open and distributed structure makes it a prime target for Distributed Denial of Service (DDoS) attacks. These attacks affect the availability of cloud services and pose serious security risks. A hybrid DDoS detection model based on the XGBoost algorithm and the Chi-Square feature selection technique is presented. The Chi-Square method is used to statistically select important network traffic features, reducing data dimensionality and increasing the interpretability of the model. Normal and malicious traffic is then classified using the XGBoost classifier. The model is evaluated on standard datasets, including NSL-KDD and CICIDS2017. The key performance metrics are accuracy, recall, precision, F1-score, and ROC-AUC. Its fast processing and low alarm rate make the model suited to real-time attack detection in cloud environments.
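The Chi-Square selection stage described in the abstract, shown as an added example that is not the paper's code: it scores each traffic feature against the benign/attack label and keeps the top k columns, which would then be the classifier's input (the XGBoost stage is not shown). The feature names and flow values are constructed for illustration and do not come from NSL-KDD or CICIDS2017.

```python
from collections import Counter

# Constructed sample flows; feature names are hypothetical.
FEATURES = ["syn_flag_count", "packets_per_s", "flow_duration_s", "urg_flag_count"]
FLOWS = [
    [1, 10, 30, 0], [2, 12, 25, 0], [1, 8, 40, 1], [2, 15, 35, 0],            # benign
    [40, 900, 2, 0], [55, 1200, 1, 0], [38, 800, 3, 1], [60, 1000, 2, 0],     # DDoS
]
LABELS = [0, 0, 0, 0, 1, 1, 1, 1]  # 0 = benign, 1 = DDoS


def chi2_scores(rows, labels):
    """Chi-square statistic of each non-negative feature against the class label."""
    n = len(rows)
    class_counts = Counter(labels)
    n_features = len(rows[0])
    # Observed: per-class sum of each feature's values.
    observed = {c: [0.0] * n_features for c in class_counts}
    for row, label in zip(rows, labels):
        if min(row) < 0:
            raise ValueError("chi-square scoring needs non-negative features")
        for j, value in enumerate(row):
            observed[label][j] += value
    totals = [sum(observed[c][j] for c in observed) for j in range(n_features)]
    scores = []
    for j in range(n_features):
        score = 0.0
        for c, count in class_counts.items():
            # Expected: the feature's total mass split by class frequency.
            expected = totals[j] * count / n
            if expected > 0:  # an all-zero feature carries no signal
                score += (observed[c][j] - expected) ** 2 / expected
        scores.append(score)
    return scores


def select_top_k(names, scores, k):
    """Names of the k highest-scoring features, best first."""
    ranked = sorted(zip(names, scores), key=lambda pair: pair[1], reverse=True)
    return [name for name, _ in ranked[:k]]


def project(rows, names, keep):
    """Reduce each flow record to the selected feature columns."""
    idx = [names.index(name) for name in keep]
    return [[row[i] for i in idx] for row in rows]


if __name__ == "__main__":
    kept = select_top_k(FEATURES, chi2_scores(FLOWS, LABELS), k=2)
    print(kept, project(FLOWS, FEATURES, kept)[:2])
```

The statistic depends on feature scale, so features are normally brought to a common non-negative range before scoring.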