Botnet-Based DDoS Attack: Automatic Detection, Mitigation, and Real-Time Traffic Filtering in Cloud Environments

Botnet-Based DDoS Attack: Automatic Detection, Mitigation, and Real-Time Traffic Filtering in Cloud Environments

연구 분야: Safety

학회: International Conference on Advanced Network Technologies and Intelligent Computing

Distributed Denial of Service (DDoS) attacks pose a persistent threat to cloud infrastructure, often disrupting services and affecting legitimate user traffic. Traditional DDoS mitigation techniques, including network-based defenses and anomaly detection, are effective but frequently fail to handle complex, high-volume attacks in dynamic cloud environments. This study addresses the above-mentioned limitations by developing a scalable DDoS mitigation framework specifically for cloud infrastructure. We propose a dynamic and adaptive approach to DDoS detection that integrates real-time traffic analysis with automated and intelligent mitigation strategies. Unlike traditional methods, our solution emphasizes automated, real-time decision-making and adjusting defenses based on evolving attack patterns. This minimizes the need for manual intervention, enhances system resilience, and ensures quicker response to threats. A key contribution of this study is an automated DDoS mitigation mode that dynamically filters malicious traffic and employs CAPTCHA for legitimate users, thereby offering an efficient method for protecting cloud services. This framework is not intended to replicate existing solutions, such as Cloudflare, but instead serves as a novel approach for organizations to customize and scale their own DDoS mitigation systems. Furthermore, testing conducted in a controlled simulation environment evaluated the system’s resilience to various attack types, including volumetric, application-layer, and IP spoofing attacks. The key findings reveal the system’s capability to efficiently block malicious traffic while ensuring minimal disruption to legitimate users. Comparative analysis with Cloudflare demonstrates the effectiveness of our approach in terms of detection accuracy and resource efficiency.