Call For Paper - Upcoming Conferences
Research Article | Open Access | Download PDF
Volume 13 | Issue 4 | Year 2026 | Article Id. IJECE-V13I4P124 | DOI : https://doi.org/10.14445/23488549/IJECE-V13I4P124

Scalable and Automated Detection of Cloud-Based DDoS Attacks Using AutoML-Random Forests

Rachna Singh, Nitasha Soni

Received Revised Accepted Published
20 Jan 2026 20 Feb 2026 22 Mar 2026 30 Apr 2026

Citation :

Rachna Singh, Nitasha Soni, "Scalable and Automated Detection of Cloud-Based DDoS Attacks Using AutoML-Random Forests," International Journal of Electronics and Communication Engineering, vol. 13, no. 4, pp. 285-296, 2026. Crossref, https://doi.org/10.14445/23488549/IJECE-V13I4P124

Abstract

With the advent of the digital era, the prevalence of cloud computing has increased, leading to a significant rise in cyber threats, specifically Denial of Service attacks. To prevent the cloud network from such attacks, several detection methods were used, namely, rule-based and signature-based, which struggle to adapt to the intricate and dynamic nature of the networks. A unique Auto-ML-based Random Forest technique is suggested to categorize cloud-based DDoS assaults in order to overcome the shortcomings of conventional approaches. A novel, BCCC-cPacket-Cloud DDoS-2024 dataset is employed, which captures diverse types of DDoS attacks. The approach automated the feature selection process, and the model is optimized to enhance its performance. In this, the top 40 most relevant features were extracted using feature reduction techniques. Further, multiple classification tasks, such as binary, ternary, and activity-specific, are focused on attaining accurate and optimized results. In comparison to state-of-the-art methods, it was shown that an accuracy of around 98% was achieved in a number of categories. Consequently, confirming the efficacy of the suggested strategy in a cloud environment is necessary.

Keywords

DDoS attack, Cloud security, Machine Learning, AutoML.

References

  1. Ahmed Shawish, and Maria Salama, Cloud Computing: Paradigms and Technologies, Inter-cooperative Collective Intelligence:  Techniques and Applications, Springer, pp. 39-67, 2014.
    [CrossRef] [Google Scholar] [Publisher Link]
  2. Said El Kafhali, and Khaled Salah, “Stochastic Modelling and Analysis of Cloud Computing Data Center,” 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN), Paris, France, pp. 122-126, 2017.
    [CrossRef] [Google Scholar] [Publisher Link]
  3. Peter Mell, and Tim Grance et al., “The NIST Definition of Cloud Computing,” National Institute of Standards and Technology, Report, pp. 1-7, 2011.
    [CrossRef] [Google Scholar] [Publisher Link]
  4.  Said El Kafhali, and Khaled Salah, “Performance Analysis of Multi-core VMs Hosting Cloud SaaS Applications,” Computer Standards & Interfaces, vol. 55, pp. 126-135, 2018.
    [CrossRef] [Google Scholar] [Publisher Link]
  5. Karthik Lakshminarayanan et al., “Taming IP Packet Flooding Attacks,” ACM SIGCOMM Computer Communication Review, vol. 34, no. 1, pp. 45-50, 2004.
    [CrossRef] [Google Scholar] [Publisher Link]
  6. Virgil D. Gligor, “A Note on Denial-of-Service in Operating Systems,” IEEE Transactions on Software Engineering, vol. SE-10, no. 3, pp. 320-324, 1984.
    [CrossRef] [Google Scholar] [Publisher Link]
  7. C.H. Hoi Steven, Jialei Wang, and Peilin Zhao, “Libol: A Library for Online Learning Algorithms,” The Journal of Machine Learning Research, vol. 15, no. 15, pp. 495-499, 2014.
    [Google Scholar] [Publisher Link]
  8. Kenneth R Foster, Robert Koprowski, and Joseph D Skufca, “Machine Learning, Medical Diagnosis, and Biomedical Engineering Research - Commentary,” Biomedical Engineering Online, vol. 13, pp. 1-9, 2014.
    [CrossRef] [Google Scholar] [Publisher Link]
  9. Bernard Marr, A Short History of Machine Learning — Every Manager Should Read, 2016.
    [Google Scholar] [Publisher Link]
  10. Ankit Thakkar, and Ritika Lohiya, “A Review of the Advancement in Intrusion Detection Datasets,” Procedia Computer Science, vol. 167, pp. 636-645, 2020.
    [CrossRef] [Google Scholar] [Publisher Link]
  11. Tao Peng, Christopher Leckie, and Kotagiri Ramamohanarao, “Survey of Network-based Defense Mechanisms Countering the DoS and DDoS Problems,” ACM Computing Surveys, vol. 39, no. 1, pp. 1-42, 2007.
    [CrossRef] [Google Scholar] [Publisher Link]
  12. Jun Xu, and Wooyong Lee, “Sustaining Availability of Web Services under Distributed Denial of Service Attacks,” IEEE Transactions on Computers, vol. 52, no. 2, pp. 195-208, 2003.
    [CrossRef]  [Google Scholar] [Publisher Link]
  13. Yuri Gil Dantas, Vivek Nigam, and Iguatemi E. Fonseca, “A Selective Defense for Application Layer DDoS Attacks,” 2014 IEEE Joint Intelligence and Security Informatics Conference, The Hague, Netherlands, pp. 75-82, 2014.
    [CrossRef] [Google Scholar] [Publisher Link]
  14.  Mouhammd Alkasassbeh et al., “Detecting Distributed Denial of Service Attacks Using Data Mining Techniques,” International Journal of Advanced Computer Science and Applications, vol. 7, no. 1, pp. 436-445, 2016.
    [CrossRef]  [Google Scholar] [Publisher Link]
  15. Carl Livadas et al., “Usilng Machine Learning Technliques to Identify Botnet Traffic,” Proceedings 2006 31st IEEE Conference on Local Computer Networks, Tampa, FL, USA, pp. 967-974, 2006.
    [CrossRef] [Google Scholar]  [Publisher Link]
  16. Bayu Adhi Tama, and Kyung-Hyune Rhee, “Data Mining Techniques in DoS/DDoS Attack Detection: A Literature Review,” International Information Institute, vol. 18, no. 8, pp. 3739-3747, 2015.
    [Google Scholar]
  17. Qin Liao et al., “Application Layer DDoS Attack Detection using Cluster with Label based on Sparse Vector Decomposition and Rhythm Matching,” Security and Communication Networks, vol. 8, pp. 3111-3120, 2015.
    [CrossRef] [Google Scholar] [Publisher Link]
  18.  Peng Xiao et al., “Detecting DDoS Attacks Against Data Center with Correlation Analysis,” Computer Communications, vol. 67, pp. 66-74, 2015.
    [CrossRef] [Google Scholar] [Publisher Link]
  19. Reyhaneh Karimazad, and Ahmad Faraahi, “An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks,” 2011 International Conference on Network and Electronics Engineering, Singapore, pp. 44-48, 2011.
    [Google Scholar] [Publisher Link]
  20.  Rui Zhong, and Guangxue Yue, “DDoS Detection System Based on Data Mining,” Proceedings of the 2nd International Symposium on Networking and Network Security, 2010.
    [Google Scholar]
  21. Yi-Chi Wu et al., “DDoS Detection and Traceback with Decision Tree and Grey Relational Analysis,” International Journal of Ad Hoc and Ubiquitous Computing, vol. 7, no. 2, pp. 121-136, 2011.
    [CrossRef] [Google Scholar] [Publisher Link]
  22. Jin Li, Yong Liu, and Lin Gu, “DDoS Attack Detection Based on Neural Network,” 2010 2nd International Symposium on Aware Computing, Tainan, Taiwan, pp. 196-199, 2010.
    [CrossRef] [Google Scholar] [Publisher Link]
  23. V. Akilandeswari, and S. Mercy Shalinie, “Probabilistic Neural Network based Attack Traffic Classification,” 2012 Fourth International Conference on Advanced Computing (ICoAC), Chennai, India, pp. 1-8, 2012.
    [CrossRef] [Google Scholar] [Publisher Link]
  24.  Jie-Hao Chen et al., “DDoS Defense System with Turing Test and Neural Network,” 2012 IEEE International Conference on Granular Computing, Hangzhou, China, pp. 38-43, 2012.
    [CrossRef] [Google Scholar] [Publisher Link]
  25.  Hui Li, and Dihua Liu, “Research on Intelligent Intrusion Prevention System based on Snort,” 2010 International Conference on Computer, Mechatronics, Control and Electronic Engineering, Changchun, China, pp. 251-253, 2010.
    [CrossRef] [Google Scholar] [Publisher Link]
  26.  Laheeb Mohammad Ibrahim, “Anomaly Network Intrusion Detection System Based on Distributed Time-Delay Neural Network (DTDNN),” Journal of Engineering Science and Technology, vol. 5, no. 4, pp. 457-471, 2010.
    [Google Scholar] [Publisher Link]
  27. Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization,” Proceedings of the 4th International Conference on Information Systems Security and Privacy, vol. 1, pp. 108-116, 2018.
    [CrossRef] [Google Scholar]  [Publisher Link]
  28. Cybersecurity Datasets (Intelligence-led Security), Behaviour-Centric Cybersecurity Center (BCCC), Yorku. [Online]. Available: https://www.yorku.ca/research/bccc/ucs-technical/cybersecurity-datasets-cds/
  29.  MohammadMoein Shaf et al., “Toward Generating a New Cloud-Based Distributed Denial of Service (DDoS) Dataset and Cloud Intrusion Traffic Characterization, Information, vol. 15, no. 4, pp. 1-127, 2024.
    [CrossRef] [Google Scholar]  [Publisher Link] 
  30. Mamoona Nawaz et al., “Lightweight Machine Learning Framework for Efficient DDoS Attack Detection in IoT Networks,” Scientific Reports, vol. 15, pp. 1-24, 2025.
    [CrossRef] [Google Scholar]  [Publisher Link] 
  31. Furqan Rustam, Islam Obaidat, and Anca Delia Jurcut, “MULTI-LF: A Continuous Learning Framework for Real-Time Malicious Traffic Detection in Multi-Environment Networks,” arXiv preprint, pp. 1-23, 2025.
    [CrossRef] [Google Scholar] [Publisher Link] 
  32. Leonardo Henrique de Melo et al., “Anomaly-Flow: A Multi-Domain Federated Generative Adversarial Network for Distributed Denial-of-Service Detection,” IEEE Network, vol. 40, no. 2, pp. 269-277, 2026.
    [CrossRef] [Google Scholar]  [Publisher Link] 
  33. Mohammad Fathian, and Alireza Seifousadati, “A Real-time Machine-learning Model for Detecting and Mitigating DDoS Attacks,” Cybersecurity, vol. 9, pp. 1-17, 2026.
    [CrossRef] [Google Scholar]  [Publisher Link] 
  34. Saad Ahmed Ali Kalafy, Saied Pashazadeh, and Pedram Salehpourge, “Dynamic Graph Neural Network-based Framework to Increase Detection Accuracy in SDN under DDOS,” Scientific Reports, vol. 16, pp. 1-19, 2026.
    [CrossRef] [Google Scholar] [Publisher Link]