DDoS Attack Detection System: Utilizing Classification Algorithms with Apache Spark

Cloud computing is a model of configurable computing resources such as servers, networks, storages, applications, and services that are available from anywhere at any time. In addition, cloud computing is managed by experts from different computer science fields to provide high reliability, availability, mobility, security, and scalability. Of course, security against all form of attacks, including DDoS attack, must be provided. Numerous DDoS attacks have been launched against different organizations in the last decade and numerous approaches have been proposed and tried to detect and prevent DDoS attacks by utilizing classification algorithms. In this research, we propose a DDoS detection system that benefits from cloud computing resources. Our proposed system consists of three concepts: classification algorithms, parallelism computing, and a fuzzy logic system. Classification algorithms are used in our system to classify and predict DDoS attacks on traffic packets. The parallelism concept is used to efficiently accelerate the execution of the utilized classification algorithms. The fuzzy logic is used to choose which of the classification algorithms is to be used next. We evaluated the classification algorithm and the parallel processing of the DDoS detection by configuring a test-bed that consists of one master and three slaves. We validated the fuzzy logic system by using the MATLAB statistical tool.