nach oben

Erschienen in:

2024 | OriginalPaper | Buchkapitel

Distributed Denial of Service Attack Detection Using Sequence-To-Sequence LSTM

verfasst von : Anand Parmar, Hemraj Lamkuche

Erschienen in: Global Economic Revolutions: Big Data Governance and Business Analytics for Sustainability

Verlag: Springer Nature Switzerland

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Log files are a great way to find out what's wrong with a system and how secure it is. They can be very large and have a complicated structure, which is why they are so useful. We use Machine Learning (ML) to find network anomalies and build different models that are driven by data to find DDoS attacks. The main goal of this article is to reduce the number of times that DDoS detection is wrongly labeled. In this paper, we describe a method for security analysis that uses Deep Learning techniques like simple LSTM, LSTM with embedding, and Seq-to-Seq LSTM on several systems log files to find and extract data that may be related to distributed denial of service (DDoS) attacks made by malicious users who want to break into a system. Through a process of learning, these data will help to find attacks, predict attacks, or find intrusions. In this study, we looked at how different optimizers, the size of the hidden state, and the number of layers affected the same architecture to find the best way to set it up. When compared to other models, the proposed model was able to correctly identify DoS/DDoS packets that had never been seen before with a 98.95% level of accuracy.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Fintech-Enabled Financial Inclusion for Rural Networking

Nächstes Kapitel Link Adaptation Performance in the Narrow Band Internet of Things

AImajali, M.H., Ghazwi, M., Alqudah, F.T., ALmahasnah, M.J., Alajarmeh, H.H., Masarweh, A.A.: The legal aspects and the enhanced role of cybersecurity in protecting the electronic voting process in the context of Jordan Parliament election law no. (4) of 2022. Inf. Sci. Lett. 12(8), 2839–2848 (2023)

Yihunie, F., Abdelfattah, E., Odeh, A.: Analysis of ping of death DoS and DDoS attacks. In: 2018 IEEE Long Island Systems, Applications and Technology Conference, LISAT 2018 (2018). https://doi.org/10.1109/LISAT.2018.8378010

Eliyan, L.F., Di Pietro, R.: DoS and DDoS attacks in software defined networks: a survey of existing solutions and research challenges. Future Gener. Comput. Syst. 122, 149–171 (2021). https://doi.org/10.1016/j.future.2021.03.011CrossRef

Zebari, R.R., Zeebaree, S.R.M., Jacksi, K.: Impact ANALYSIS of HTTP and SYN flood DDoS attacks on apache 2 and IIS 10.0 web servers. In: ICOASE 2018 - International Conference on Advanced Science and Engineering (2018). https://doi.org/10.1109/ICOASE.2018.8548783

Haider, S., et al.: A deep CNN ensemble framework for efficient DDoS attack detection in software defined networks. IEEE Access 8, 53972–53983 (2020). https://doi.org/10.1109/ACCESS.2020.2976908CrossRef

Elbarougy, R., Aboghrara, E., Behery, G.M., Younes, Y.M., El-Badry, N.M.: COVID-19 detection on chest x-ray images by combining histogram-oriented gradient and convolutional neural network features. Inf. Sci. Lett. 12(5), 2247–2260 (2023)CrossRef

Cheng, J., Liu, Y., Tang, X., Sheng, V.S., Li, M., Li, J.: DDoS attack detection via multi-scale convolutional neural network. Comput. Mater. Continua 62(3), 1317–1333 (2020). https://doi.org/10.32604/cmc.2020.06177CrossRef

Wani, A.R., Rana, Q.P., Saxena, U., Pandey, N.: Analysis and detection of DDoS attacks on cloud computing environment using machine learning techniques. In: Proceedings - 2019 Amity International Conference on Artificial Intelligence, AICAI 2019 (2019). https://doi.org/10.1109/AICAI.2019.8701238

Saied, A., Overill, R.E., Radzik, T.: Detection of known and unknown DDoS attacks using Artificial Neural Networks. Neurocomputing 172, 385–393 (2016). https://doi.org/10.1016/j.neucom.2015.04.101CrossRef

10.

Peraković, D., Periša, M., Cvitić, I., Husnjak, S.: Model for detection and classification of DDoS traffic based on artificial neural network. Telfor J. 9(1), 26–31 (2017). https://doi.org/10.5937/telfor1701026PCrossRef

11.

Dar, S.A., Palanivel, S., Geetha, M.K., Balasubramanian, M.: Mouth image based person authentication using DWLSTM and GRU. Inf. Sci. Lett. 11(3), 853–862 (2022)CrossRef

12.

Hussein, S., et al.: Diagnosis of COVID-19 from X-rays using recurrent neural network. Inf. Sci. Lett. 11(6), 2279–2284 (2022)CrossRef

13.

Yuan, X., Li, C., Li, X.: DeepDefense: identifying DDoS attack via deep learning. In: 2017 IEEE International Conference on Smart Computing, SMARTCOMP 2017 (2017). https://doi.org/10.1109/SMARTCOMP.2017.7946998

14.

Eltahir, M.E., Ahmed, O.S.: Cybersecurity awareness in African higher education institutions: a case study of Sudan. Inf. Sci. Lett. 12(1), 171–183 (2023)CrossRef

15.

Alghenaim, M.F., Abu-Bakar, N.A., Abdul-Rahim, F.B.: Reviewing cybersecurity awareness training tools used to address phishing attack at the workplace. Inf. Sci. Lett. 11(2), 391–398 (2022)CrossRef

16.

Wang, H., Xu, L., Gu, G.: FloodGuard: a DoS attack prevention extension in software-defined networks. In: Proceedings of the International Conference on Dependable Systems and Networks, vol. 2015-September (2015). https://doi.org/10.1109/DSN.2015.27

17.

Singh, S., Khan, R.A., Agrawal, A.: Prevention mechanism for infrastructure based Denial-of-Service attack over software Defined Network. In: International Conference on Computing, Communication and Automation, ICCCA 2015 (2015). https://doi.org/10.1109/CCAA.2015.7148442

18.

Al-Sherideh, A.S., et al.: Development of a secure model for mobile government applications in Jordan. J. Stat. Appl. Pro. 13(1), 145–155 (2024)CrossRef

19.

Abuasal, S., Alsarayra, K., Alyabroodie, Z.: Designing a standard-based approach for security of healthcare systems. J. Stat. Appl. Pro. 13(1), 419–434 (2024)CrossRef

20.

Bedi, H., Roy, S., Shiva, S.: Mitigating congestion-based denial of service attacks with active queue management. In: GLOBECOM - IEEE Global Telecommunications Conference (2013). https://doi.org/10.1109/GLOCOM.2013.6831276

21.

Giotis, K., Androulidakis, G., Maglaris, V.: A scalable anomaly detection and mitigation architecture for legacy networks via an OpenFlow middlebox. Secur. Commun. Netw. 9(13), 1958–1970 (2016). https://doi.org/10.1002/sec.1368CrossRef

22.

Yevsieieva, O., Helalat, S.M.: Analysis of the impact of the slow HTTP DOS and DDOS attacks on the cloud environment. In: 2017 4th International Scientific-Practical Conference Problems of Infocommunications Science and Technology, PIC S and T 2017 - Proceedings, vol. 2018-January (2017). https://doi.org/10.1109/INFOCOMMST.2017.8246453

23.

Mahadev, Kumar, V., Kumar, K.: Classification of DDoS attack tools and its handling techniques and strategy at application layer. In: Proceedings - 2016 International Conference on Advances in Computing, Communication and Automation (Fall), ICACCA 2016 (2016). https://doi.org/10.1109/ICACCAF.2016.7749002

24.

Ivanova, V., Tashev, T., Draganov, I.: Detection of IoT based DDoS attacks by network traffic analysis using feedforward neural networks. Int. J. Circuits Syst. Signal Process. 16, 653–662 (2022). https://doi.org/10.46300/9106.2022.16.81CrossRef

25.

Lamkuche, H.S., Pramod, D., Onker, V., Katiya, S.A., Lamkuche, G.S., Hiremath, G.R.: SAL – a lightweight symmetric cipher for Internet-of-Things. Int. J. Innov. Technol. Explor. Eng. 8(11), 521–528 (2019). https://doi.org/10.35940/ijitee.K1088.09811S19

26.

Bhardwaj, A., Mangat, V., Vig, R.: Hyperband tuned deep neural network with well posed stacked sparse autoencoder for detection of ddos attacks in cloud. IEEE Access 8, 181916–181929 (2020). https://doi.org/10.1109/ACCESS.2020.3028690CrossRef

27.

Lamkuche, H.S., Pramod, D.: CSL: FPGA implementation of lightweight block cipher for power-constrained devices. Int. J. Inf. Comput. Secur. 12(2–3), 349–377 (2020). https://doi.org/10.1504/IJICS.2020.105185CrossRef

28.

Sarma, S.N.S., Lamkuche, H.H., Umamaheswari, S.: A review of secret sharing schemes. Res. J. Inf. Technol. 5(2) (2013). https://doi.org/10.3923/rjit.2013.67.72

29.

Church, K.W.: Word2Vec. Nat. Lang. Eng. 23(1) (2017). https://doi.org/10.1017/s1351324916000334

30.

Sutskever, I., Vinyals, O., Le, Q.V.: Sequence to sequence learning with neural networks. Adv. Neural Inf. Process. Syst. 4(January) (2014)

31.

Ramesh, A., Pradhan, V., Lamkuche, H.: Understanding and analysing resource utilization, costing strategies and pricing models in cloud computing. In: Journal of Physics: Conference Series, vol. 1964, no. 4 (2021). https://doi.org/10.1088/1742-6596/1964/4/042049

32.

Kumar, S., Kumar, D., Lamkuche, H.S.: TPA auditing to enhance the privacy and security in cloud systems. J. Cyber Secur. Mobility 10(3), 537–568 (2021). https://doi.org/10.13052/jcsm2245-1439.1033CrossRef

33.

Lamkuche, H.S., Kondaveety, V.B., Sapparam, V.L., Singh, S., Rajpurkar, R.D.: Enhancing the security and performance of cloud for e-governance infrastructure: Secure E-MODI. Int. J. Cloud Appl. Comput. 12(1) (2022). https://doi.org/10.4018/IJCAC.2022010108

34.

Lamkuche, H.S., Singh, K., Shirkhedkar, K.: A lightweight block cipher for cloud-based healthcare systems. In Computing, Communication and Learning: First International Conference, CoCoLe 2022, Warangal, India, 27–29 October 2022, Proceedings, pp. 3–14. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-21750-0_1

35.

Agarwal, D., Gurele, S., Lamkuche, H.S.: SAILFISH-I: a lightweight block cipher for cloud-enabled fog devices. In 2022 IEEE 6th Conference on Information and Communication Technology (CICT), pp. 1–6. IEEE (2022)

Titel: Distributed Denial of Service Attack Detection Using Sequence-To-Sequence LSTM
verfasst von: Anand Parmar
Hemraj Lamkuche
Verlag: Springer Nature Switzerland
Buch: Global Economic Revolutions: Big Data Governance and Business Analytics for Sustainability
Print ISBN: 978-3-031-50517-1

Electronic ISBN: 978-3-031-50518-8

Copyright-Jahr: 2024
DOI: https://doi.org/10.1007/978-3-031-50518-8_4

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner