Distributed denial of services attack protection system with genetic algorithms on Hadoop cluster computing framework

DDoS attacks become serious as one of the menaces of the Internet security. It is difficult to prevent because DDoS attacker send spoofing packets to victim which makes the identification of the origin of attacks very difficult. A series of techniques have been studied such as pattern matching by learning the attack pattern and abnormal traffic detection. However, pattern matching approach is not reliable because attackers always set attacks of different traffic patterns and pattern matching approach only learns from the past DDoS data. Therefore, a reliable system has to watch what kind of attacks are carried out now and investigate how to prevent those attacks. Moreover, the amount of traffic flowing through the Internet increase rapidly and thus packet analysis should be done within considerable amount of time. This paper proposes a scalable, real-time traffic pattern analysis based on genetic algorithm to detect and prevent DDoS attacks on Hadoop distributed processing infrastructure. Experimental results demonstrate the effectiveness of our scalable DDoS protection system.