Providing cloud security is one of challenging issues that has attracted a lot of research and development effort in last few years. In general, in very first step attackers tries to explore vulnerabilities of a cloud system and forces virtual machines to deploy further Distributed Denial-of-Service (DDoS) at a large-scale. DDoS attacks i.e. variation of DOS attack usually involve early stage actions such as scanning low-frequency vulnerabilities, multistep exploitation and compromising identified vulnerable virtual machines as zombies and then at last achieving DDoS attacks through the compromised zombies. Within the cloud system, mainly in Infrastructure-as-a-Service (IaaS) clouds, detecting zombie exploration attacks is extremely difficult.