Countering DDoS threats: leveraging ensemble methods for detection and mitigation

Abstract

Cloud computing is the modern concept of distributing numerous services through the Internet, such as web applications, databases, and programmers that operate on several servers. As Cloud computing technologies evolve, increasing susceptibility to attack may result from service outages during data storage and transmission. The most common sort of assault against Cloud settings is distributed denial-of-service (DDoS). Several approaches for detecting and mitigating these attacks have been offered, however they are ineffective. In this research, we propose a method for detecting and mitigating DDoS attacks in their early phases, considering top-layer advances at the application layer and the TCP handshake mechanism. This study employs a variety of ensemble-based machine learning approaches to classify incoming data as legitimate or malicious to respond to DDoS attacks at the application layer. Furthermore, the double TCP connection concept is used to prevent DDoS. Experiments show that the stacked voting system detects DDOS attacks with the best F-score of 99.9%.