A long short-term memory (LSTM)-based distributed denial of service (DDoS) detection and defense system design in public cloud network environment

Abstract

The fact that cloud systems are under the increasing risks of cyber attacks has made the phenomenon of information security first a need and then a necessity for these systems. Distributed Denial of Service (DDoS) attacks can exploit, disrupt, change, prevent or damage cloud services. Accurate and timely detection and prevention of these attacks are very important in terms of ensuring information security. During the COVID-19 period, the increase in the use of information technologies and especially the internet has made cyber attacks a real concern. Deep learning (DL) has become widely used for the purpose of detecting and preventing cyber attacks to provide information security. In this study, a Long Short-Term Memory (LSTM) based system (LSTM-CLOUD) which was designed for the detection and prevention of DDoS attacks in a public cloud network environment was proposed. The design of the system is based on a signature-based attack detection approach. The LSTM-CLOUD has two modules defined in the study: detection and defense. The function of the first module of the system was determined as detecting the occurrence of DDoS attacks with the LSTM DL model developed in this study with an accuracy rate of 99.83% on the CICDDoS2019 data set. The function of the second module was determined as activating the defense mechanism to protect the cloud systems when attacks are detected. The comparison results showed that our LSTM model had a performance as good as those in the previous studies conducted with different DL algorithms on the same and different datasets. The results obtained show the effectiveness of the LSTM model developed in this study in detecting the occurrence of attacks. (c) 2022 Elsevier Ltd. All rights reserved.