Distributed Denial of Service attacks (DDoS) overwhelm network resources with useless or harmful packets and prevent normal users from accessing these network resources. These attacks jeopardize the confidentiality, privacy and integrity of information on the internet. Since it is very difficult to set any predefined rules to correctly identify genuine network traffic, an anomaly-based Intrusion Detection System (IDS) for network security is commonly used to detect and prevent new DDoS attacks. Data mining methods can be used in intrusion detection systems, such as clustering k-means, artificial neural network. Since the clustering methods can be used to aggregate similar objects, they can detect DDoS attacks to reduce false-positive rates. In this study, a review of DDoS attacks using clustering data mining techniques is presented. A review illustrates the most recent, state-of-the-art science for
clustering techniques to detect DDoS attacks.

Information has become an organization’s most precious asset upon which they have increasingly become dependent. The widespread use of e-commerce has increased the necessity of protecting the system to a very high extent. DDoS attacks have become a hot research topic, because they can lead to a loss of confidence and privacy and could lead to illegal actions taken against an organization. DDoS attacks make use of many different hosts that compromised by the attacker to send useless packets to the target in a short time, which may consume the target’s resources, making them unavailable for normal operations (Jieren et al., 2009).
This attack is one of the main threats that the internet is facing which causes corrupted for information and loss of data integrity, confidentiality and availability for organizations. Hence, losing any factor of security criteria Confidentially, Integrity and
Availability (CIA) can cause significant harm in organization