DDoS Attack Mitigation in Cloud Networks Using Hybrid Metaheuristic and Machine Learning Framework

Authors

https://doi.org/10.48313/maa.v2i3.53

Abstract

Cloud computing has become the backbone of modern enterprise infrastructure due to its scalability and cost-efficiency. However, this centralized nature makes it a prime target for Distributed Denial of Service (DDoS) attacks, which aim to exhaust network resources and render services unavailable. Traditional detection mechanisms, such as static firewalls and standalone Machine Learning (ML) algorithms, often struggle with the high dimensionality of network traffic data, leading to high False Positive Rates (FPR) and substantial detection latency. To address these challenges, this paper proposes a novel hybrid framework that integrates Grey Wolf Optimization (GWO) with a Convolutional Neural Network-Long Short-Term Memory (CNN-LSTM) deep learning model. The GWO algorithm is utilized as a wrapper-based feature selection technique to eliminate redundant features, thereby solving the curse of dimensionality. Subsequently, the CNN-LSTM architecture captures both spatial and temporal features of the traffic flows for accurate classification. Experimental evaluation was conducted using the benchmark CIC-DDoS2019 dataset. The results demonstrate that the proposed hybrid model achieves an accuracy of 99.2% and reduces detection latency by 14% compared to standard Random Forest (RF) and standalone Convolutional Neural Networks (CNNs) models. These findings suggest that bio-inspired optimization combined with deep temporal learning provides a robust defense mechanism for securing cloud environments against evolving DDoS threats.

Keywords:

Cloud security, Distributed denial of service mitigation, Grey wolf optimization, Deep learning, Convolutional neural network-long short-term memory

References

  1. [1] Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in cloud. Journal of network and computer applications, 36(1), 42–57. https://doi.org/10.1016/j.jnca.2012.05.003
  2. [2] Zargar, S. T., Joshi, J., & Tipper, D. (2013). A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE communications surveys & tutorials, 15(4), 2046–2069. https://doi.org/10.1109/SURV.2013.031413.00127
  3. [3] Mirkovic, J., & Reiher, P. (2004). A taxonomy of DDoS attack and DDoS defense mechanisms. ACM sigcomm computer communication review, 34(2), 39–53. https://doi.org/10.1145/997150.997156
  4. [4] Sharafaldin, I., Lashkari, A. H., Hakak, S., & Ghorbani, A. A. (2019). Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. 2019 international carnahan conference on security technology (ICCST) (pp. 1–8). IEEE. https://doi.org/10.1109/CCST.2019.8888419
  5. [5] Mirjalili, S., Mirjalili, S. M., & Lewis, A. (2014). Grey wolf optimizer. Advances in engineering software, 69, 46–61. https://doi.org/10.1016/j.advengsoft.2013.12.007
  6. [6] Buczak, A. L., & Guven, E. (2015). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE communications surveys & tutorials, 18(2), 1153–1176. https://doi.org/10.1109/COMST.2015.2494502
  7. [7] Liao, H. J., Lin, C. H. R., Lin, Y. C., & Tung, K. Y. (2013). Intrusion detection system: A comprehensive review. Journal of network and computer applications, 36(1), 16–24. https://doi.org/10.1016/j.jnca.2012.09.004
  8. [8] Kim, J., Kim, J., Thu, H. L. T., & Kim, H. (2016). Long short term memory recurrent neural network classifier for intrusion detection. 2016 international conference on platform technology and service (PlatCon) (pp. 1–5). IEEE. https://doi.org/10.1109/PlatCon.2016.7456805
  9. [9] Shone, N., Ngoc, T. N., Phai, V. D., & Shi, Q. (2018). A deep learning approach to network intrusion detection. IEEE transactions on emerging topics in computational intelligence, 2(1), 41–50. https://doi.org/10.1109/TETCI.2017.2772792
  10. [10] Xue, B., Zhang, M., Browne, W. N., & Yao, X. (2015). A survey on evolutionary computation approaches to feature selection. IEEE transactions on evolutionary computation, 20(4), 606–626. https://doi.org/10.1109/TEVC.2015.2504420
  11. [11] Xue, B., Zhang, M., & Browne, W. N. (2012). Particle swarm optimization for feature selection in classification: A multi-objective approach. IEEE transactions on cybernetics, 43(6), 1656–1671. https://doi.org/10.1109/TSMCB.2012.2227469

Downloads

Published

2025-06-18

Issue

Vol. 2 No. 3 (2025): Metaheuristic Algorithms with Applications

Section

Articles

How to Cite

Bani Hashemian, S. A. (2025). DDoS Attack Mitigation in Cloud Networks Using Hybrid Metaheuristic and Machine Learning Framework. Metaheuristic Algorithms With Applications, 2(3), 324–331. https://doi.org/10.48313/maa.v2i3.53

Similar Articles

11-20 of 20

You may also start an advanced similarity search for this article.