Open Access
ARTICLE
DDoS Attack Detection in Cloud Computing Based on Ensemble Feature Selection and Deep Learning
1 Cybersecurity Department, Faculty of Information Technology, American University of Madaba (AUM), Amman, 11821, Jordan
2 Computer Science Department, PY Collage, Northern Border University (NBU), 9280 NBU, Ar’ar, Saudi Arabia
3 Computer Science Department, Faculty of Science, Northern Border University (NBU), 9280 NBU, Ar’ar, Saudi Arabia
4 Remote Sensing Northern Border University (NBU), 9280 NBU, Ar’ar, Saudi Arabia
* Corresponding Author: Yousef Sanjalawe. Email:
Computers, Materials & Continua 2023, 75(2), 3571-3588. https://doi.org/10.32604/cmc.2023.037386
Received 02 December 2022; Accepted 15 January 2023; Issue published 31 March 2023
Abstract
Intrusion Detection System (IDS) in the cloud Computing (CC) environment has received paramount interest over the last few years. Among the latest approaches, Deep Learning (DL)-based IDS methods allow the discovery of attacks with the highest performance. In the CC environment, Distributed Denial of Service (DDoS) attacks are widespread. The cloud services will be rendered unavailable to legitimate end-users as a consequence of the overwhelming network traffic, resulting in financial losses. Although various researchers have proposed many detection techniques, there are possible obstacles in terms of detection performance due to the use of insignificant traffic features. Therefore, in this paper, a hybrid deep learning mode based on hybridizing Convolutional Neural Network (CNN) with Long-Short-Term Memory (LSTM) is used due to its robustness and efficiency in detecting normal and attack traffic. Besides, the ensemble feature selection, mutualization aggregation between Particle Swarm Optimizer (PSO), Grey Wolf Optimizer (PSO), Krill Hird (KH), and Whale Optimization Algorithm (WOA), is used to select the most important features that would influence the detection performance in detecting DDoS attack in CC. A benchmark dataset proposed by the Canadian Institute of Cybersecurity (CIC), called CICIDS 2017 is used to evaluate the proposed IDS. The results revealed that the proposed IDS outperforms the state-of-the-art IDSs, as it achieved 97.9%, 98.3%, 97.9%, 98.1%, respectively. As a result, the proposed IDS achieves the requirements of getting high security, automatic, efficient, and self-decision detection of DDoS attacks.Keywords
Cite This Article
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.