International Journal of Future Generation Communication and Networking Vol. 14, No. 1, (2021), pp. 1536-1546 1536 ISSN: 2233-7857IJFGCN Copyright ⓒ2020SERSC A Hybrid approach using digital forensics for attack detection in a cloud network environment Shaweta Sachdeva 1 , Aleem Ali 2 Research Scholar Department of CSE, Glocal University Saharanpur, U.P., India 1 Associate Professor, Department of CSE, Glocal University Saharanpur, U.P., India 2 Abstract In the recent era, the web is the major means used by cyber-criminals to carry out attacks alongside people and groups. Due to the continually increasing number of Internet users these attacks might influence from an enormous goal surface. Characteristic attacks commit during the ICMP Attack, TCP Sync Attack, UDP ATTACK, log analysis scamming, and so on. In the few last years, we have seen the growth of a threat through data sending or receiving via the internet. In demanding they use various web technologies for arranging the victim's machine and to build, at runtime, the appropriate response to being sent to the client. Provide a deep insight into this problem and proposes narrative solutions for the analysis of existing ICMP Attack, TCP Sync Attack, UDP Attack, log analysis. With the Hybrid approach using digital forensics for attack detection in a cloud network environment make a less complex system for improving the current issues of the computational complexity and applying cyber Forensic investigation (KNN, MLP). Our proposed approach is very effective for classification the attack dataset. Keywords: Digital forensics, Attack detection, Cloud Computing, TCP,ICMP, UDP. 1. INTRODUCTION Establish a network of multi-hop cloud we are mainly at the network's fingertips. An authenticating user consents to the use of a cloud space for the storage or retrieval of the file or several data, so each nod is associated with the neighboring node and is deployed to compete in the network neighborhood when a packet is generated by a sender. Cloud networks [1] that build and manage cloud networks and security events. Before that, browse and pick the source files and the selected data is rehabilitated to a set packet size and sent to a destination from the source. Track and analyze the events in the network using the genetic algorithm [2] to identify irregular behaviors. The intruding identification is different for the identification of improper, wrong, or anomalous moving attackers as a mechanism for a network packet. The packet is blocked when the genetic algorithm stipulates an abnormal behavior. After the invalid packets are screened, they are blocked and any correct packet arrives at the destination. Depending on cloud networks for location and technique employed by the engine to generate warnings, there are many ways to identify IDs. All three elements are merged into a single system or computer in several simple implementations. After the invalid packets are screened, they are blocked and any correct packet arrives at the destination.Depending on cloud networks form and location and technique employed by the engine to generate warnings, there are many ways to identify IDs. All three elements are merged into a single system or computer in several simple implementations.The proposed method for selecting the wrapper feature can optimize feature subsets and kernel parameters at the same time, which allows the functionality of the Cloud environment data feature selection process. 1.1 SECURED PROTOCOL The convention includes in the cloud environment ought to be made more secure and propel, which can guarantee more security to client's information. UDP [3] is an untrustworthy convention that ought to be stayed away from in the information bundle exchange, while then again HTTP is a secured convention that