DDos Attack Detection Method Based on Information Entropy and Naive Bayes

Abstract

With the advancement of cloud computing technology, the threshold and cost of using cloud computing are gradually decreasing. Meanwhile, an increasing number of distributed denial of service attacks have shifted to cloud environments, posing a serious threat to the security of the entire cloud network space. These attacks consume a large amount of cloud computing resources and have an impact on the normal use of cloud tenants. In response to the difficulty in detecting DDoS attacks with multiple levels of attacks coexisting in the cloud, and considering the cost of the cloud environment. This article introduces a cloud based DDoS attack detection method, which is based on information entropy and naive Bayesian algorithm. This method detects suspected attack flows by calculating the virtual machine traffic entropy of relevant proxy nodes in the cloud and combining it with naive Bayesian classification methods. Design experiments to compare the effectiveness of other machine learning classification algorithms and traditional information entropy detection methods. In the verification phase, the detection method proposed in this article demonstrated good performance in detecting DDoS attacks of different attack intensities in cloud environments.