Is there any difference between the DDoS attack in the cloud computing and traditional network in infrastructure?
What are the important features for detection these types of attack in cloud computing environment?
My Ph.D research is about building a model to detect DDoS in the cloud environment. I, therefore, using a classification method. In my method, I trained the naïve base classifier with traditional network infrastructure dataset and test it on the cloud dataset. But the classifier misclassifies some sort of DDoS attack. For example, Smarf attack in the non-cloud dataset is misclassified as UDP attack in the cloud dataset, or normal traffic in the cloud dataset is more similar to the Ping-of-Death attack in the non-cloud dataset