Intrusion Prevention Against Distributed Denial-of-Service(DDoS) on the cloud

Cloud computing means delivery of computing resources over the internet. Cloud users can install vulnerable software to virtual machine which leads to violate the security of cloud. Many possible attacks in cloud, the major one is Distributed Denial-of-service (DDoS). In general this attack happens at the earlier stage of actions and compromise the virtual machine. To prevent vulnerable virtual machine from being compromised in the cloud intrusion detection and prevention systems are used. They identifies possible attacks and stop their occurrence. Cloud provide the potential to diminish DDoS attack by counter the attack and employ the idle resources of the cloud. The Distributed intrusion detection system for virtual environment proposed and implemented by chung et al. work for small scale environment and leads to lack of scalability. In this paper a framework developed based on genetic algorithm and KDD dataset are proposed to perform better in terms of reducing false positive rate and cost compares to other approaches.