Design and analysis of behaviour based DDoS detection algorithm for data centres in cloud

In the recent years, security is the major concern in cloud computing. One of the major security threats to the cloud is distributed denial of service (DDoS). This DDoS attacks results in data corruption, losing of sensitive information and leads to denial of cloud service. To overcome the drawbacks of security, we proposed the behaviour-based DDoS detection algorithm that is based on the behaviour of the user which generates the traffic. The proposed work is divided into two phases which can be executed in parallel. In general, the hackers or illegitimate user floods the traffic and uses more bandwidth. In first phase, the analysis of the dynamic traffic and effectively differentiating the genuine traffic and attacker’s traffic is done in the proposed algorithm. The packet analyzer is responsible to identify the genuine packets from the flooding traffic. In second phase, the CPU utilization is monitored and the process consuming more CPU power or the source is illegitimate, the process is rejected. The simulation is carried by using the OPNET simulator. The simulation results are tested with three different scenarios. It is proved that the proposed model has efficient response time and it has better efficiency in DDoS prone zones.