In a cloud computing environment, the Distributed Denial of Service (DDoS) attack is considered as the crucial issue that needs to be addressed in ensuring the availability of resources that emerge due to the compromisation of hosts. The process of detecting and preventing DDoS attacks is determined to be predominant when the potential benefits of decoupling data plane from the control plane are facilitated through the Software Defined Networking (SDN) in the cloud environment. The incorporation of SDN in DDoS mitigation also enhances the probability of investigating the data traffic flow using the reactive process of updating forwarding rules, analyzing the network with a global view and centralized control in monitoring for better DDoS mitigation enforcement. In this paper, a Convolution Recursively Enhanced Self Organizing Map and Software Defined Networking-based Mitigation Scheme (CRESOM-SDNMS) is proposed for ensuring the better rate of detection during the process of preventing DDoS attacks in clouds. This proposed CRESOM-SDNMS facilitates a predominant option in resolving the issue of vector quantization with enhanced topology preservation and the superior initialization mechanism during the process of SOM-based categorization of flooded data traffic flows into genuine and malicious. The simulation experiments and results of the proposed CRESOM-SDNMS confirmed a superior classification accuracy of around 21% when compared to the existing systems with minimized False Positive rate of 19% compared to the benchmarked DDoS mitigation schemes of the literature.

在云计算环境中，分布式拒绝服务（DDoS）攻击被视为必须解决的关键问题，以确保由于主机受损而出现的资源的可用性。当通过云环境中的软件定义网络（SDN）促进将数据平面与控制平面分离的潜在好处时，将确定检测和预防DDoS攻击的过程最为重要。将SDN纳入DDoS缓解措施中还可以使用更新转发规则的反应性过程，以全局视图分析网络并在监控中进行集中控制以更好地实施DDoS缓解措施的过程来提高调查数据流量的可能性。在本文中，提出了一种卷积递归增强的自组织映射和基于软件定义的基于网络的缓解方案（CRESOM-SDNMS），以确保在预防云中的DDoS攻击的过程中具有更高的检测率。提出的CRESOM-SDNMS有助于在解决基于矢量拓扑的向量量化问题时使用增强的拓扑结构，并在基于SOM的泛洪数据流量流分类为真实和恶意的过程中提供出色的初始化机制。仿真实验和提出的CRESOM-SDNMS结果证实，与现有系统相比，分类精度更高，约为21％，与文献中基准的DDoS缓解方案相比，最小化的误报率为19％。